CVSS: 5.3EPSS: 0%CPEs: 14EXPL: 0CVE-2014-3679
https://notcve.org/view.php?id=CVE-2014-3679
16 Oct 2014 — The Monitoring plugin before 1.53.0 for Jenkins allows remote attackers to obtain sensitive information by accessing unspecified pages. El plugin Monitoring en versiones anteriores a 1.53.0 para Jenkins permite a atacantes remotos obtener información sensible accediendo a páginas no especificadas. • https://wiki.jenkins-ci.org/display/JENKINS/Monitoring •
CVSS: 4.3EPSS: 0%CPEs: 14EXPL: 0CVE-2014-3678
https://notcve.org/view.php?id=CVE-2014-3678
10 Oct 2014 — Cross-site scripting (XSS) vulnerability in the Monitoring plugin before 1.53.0 for Jenkins allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en el plugin Monitoring en versiones anteriores a 1.53.0 para Jenkins permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://secunia.com/advisories/59122 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •