Jan 24, 2024 · This advisory announces vulnerabilities in the following Jenkins deliverables: Jenkins (core); Git server Plugin · GitLab Branch Source ...
Using Content-Security-Policy (CSP), injection attacks like cross-site scripting can be prevented. Unfortunately, as of Jenkins 2.372, the Jenkins classic UI is ...
Sep 21, 2022 · This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control API responses by Anchore engine.
Mar 8, 2023 · This advisory announces vulnerabilities in the following Jenkins deliverables: Jenkins (core); update-center2. Descriptions. XSS vulnerability ...
Jun 14, 2023 · As of publication of this advisory, we are aware of insufficiently escaped context menu URLs for label expressions, allowing attackers with Item ...
Missing: prevention/ | Show results with:prevention/
Sep 6, 2023 · This advisory announces vulnerabilities in the following Jenkins deliverables: Assembla Auth Plugin · AWS CodeCommit Trigger Plugin ...
Jun 30, 2022 · This results in a cross-site scripting (XSS) vulnerability exploitable by attackers able to configure jobs or control test results. TestNG ...
Mar 15, 2022 · Document Jenkins on Kubernetes. Security ... This results in a stored cross-site scripting (XSS) ... URL validation for the Iframe Portlet's Iframe ...
May 17, 2022 · This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to submit crafted Rundeck webhook payloads.
May 16, 2023 · This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to set build display names immediately. The ...