CVSS: 5.0EPSS: 0%CPEs: 14EXPL: 0CVE-2014-3679
https://notcve.org/view.php?id=CVE-2014-3679
The Monitoring plugin before 1.53.0 for Jenkins allows remote attackers to obtain sensitive information by accessing unspecified pages. El plugin Monitoring en versiones anteriores a 1.53.0 para Jenkins permite a atacantes remotos obtener información sensible accediendo a páginas no especificadas. • https://wiki.jenkins-ci.org/display/JENKINS/Monitoring https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 •
CVSS: 4.3EPSS: 0%CPEs: 14EXPL: 0CVE-2014-3678
https://notcve.org/view.php?id=CVE-2014-3678
Cross-site scripting (XSS) vulnerability in the Monitoring plugin before 1.53.0 for Jenkins allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en el plugin Monitoring en versiones anteriores a 1.53.0 para Jenkins permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://secunia.com/advisories/59122 https://wiki.jenkins-ci.org/display/JENKINS/Monitoring https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •