CVE-2021-21668
https://notcve.org/view.php?id=CVE-2021-21668
Jenkins Scriptler Plugin 3.1 and earlier does not escape script content, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Scriptler/Configure permission. • http://www.openwall.com/lists/oss-security/2021/06/16/3 https://www.jenkins.io/security/advisory/2021-06-16/#SECURITY-2390 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-21667
https://notcve.org/view.php?id=CVE-2021-21667
Jenkins Scriptler Plugin 3.2 and earlier does not escape parameter names shown in job configuration forms, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Scriptler/Configure permission. • http://www.openwall.com/lists/oss-security/2021/06/16/3 https://www.jenkins.io/security/advisory/2021-06-16/#SECURITY-2224 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-21666
https://notcve.org/view.php?id=CVE-2021-21666
Jenkins Kiuwan Plugin 1.6.0 and earlier does not escape query parameters in an error message for a form validation endpoint, resulting in a reflected cross-site scripting (XSS) vulnerability. • http://www.openwall.com/lists/oss-security/2021/06/10/14 https://www.jenkins.io/security/advisory/2021-06-10/#SECURITY-2367 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-21665
https://notcve.org/view.php?id=CVE-2021-21665
A cross-site request forgery (CSRF) vulnerability in Jenkins XebiaLabs XL Deploy Plugin 10.0.1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing Username/password credentials stored in Jenkins. • http://www.openwall.com/lists/oss-security/2021/06/10/14 https://www.jenkins.io/security/advisory/2021-06-10/#SECURITY-1982 • CWE-352: Cross-Site Request Forgery (CSRF)
CVE-2021-21663
https://notcve.org/view.php?id=CVE-2021-21663
A missing permission check in Jenkins XebiaLabs XL Deploy Plugin 7.5.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing Username/password credentials stored in Jenkins. • http://www.openwall.com/lists/oss-security/2021/06/10/14 https://www.jenkins.io/security/advisory/2021-06-10/#SECURITY-1982