NotCVE - vendor:"Gradle" product:"Enterprise" version:" >= 2020.2 <= 2020.2.4"

Page 2 of 12 results (0.004 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2020-15768

https://notcve.org/view.php?id=CVE-2020-15768

18 Sep 2020 — An issue was discovered in Gradle Enterprise 2017.3 - 2020.2.4 and Gradle Enterprise Build Cache Node 1.0 - 9.2. Unrestricted HTTP header reflection in Gradle Enterprise allows remote attackers to obtain authentication cookies, if they are able to discover a separate XSS vulnerability. This potentially allows an attacker to impersonate another user. Gradle Enterprise affected application request paths:/info/headers, /cache-info/headers, /admin-info/headers, /distribution-broker-info/headers. Gradle Enterpri... • https://github.com/gradle/gradle/security/advisories •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2020-15769

https://notcve.org/view.php?id=CVE-2020-15769

18 Sep 2020 — An issue was discovered in Gradle Enterprise 2020.2 - 2020.2.4. An XSS issue exists via the request URL. Se detectó un problema en Gradle Enterprise versiones 2020.2 - 2020.2.4. Se presenta un problema de tipo XSS por medio de una URL de petición • https://github.com/gradle/gradle/security/advisories • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

1 2