Jenkins

Promoted Builds

5 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 31.6%
  • Published 17.05.2022 15:15:10
  • Last modified 21.11.2024 07:03:38

Jenkins Promoted Builds (Simple) Plugin 1.9 and earlier does not escape the name and description of Promotion Level parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers wit...

  • EPSS 25.85%
  • Published 12.04.2022 20:15:09
  • Last modified 21.11.2024 06:58:24

Jenkins promoted builds Plugin 873.v6149db_d64130 and earlier, except 3.10.1, does not escape the name and description of Promoted Build parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploit...

  • EPSS 3.05%
  • Published 12.04.2022 20:15:09
  • Last modified 21.11.2024 06:58:24

Jenkins promoted builds Plugin 873.v6149db_d64130 and earlier, except 3.10.1, does not validate the names of promotions defined in Job DSL, allowing attackers with Job/Configure permission to create a promotion with an unsafe name.

  • EPSS 2.53%
  • Published 07.04.2021 14:15:17
  • Last modified 21.11.2024 05:48:45

A cross-site request forgery (CSRF) vulnerability in Jenkins promoted builds Plugin 3.9 and earlier allows attackers to to promote builds.

  • EPSS 0.03%
  • Published 13.03.2018 13:29:00
  • Last modified 21.11.2024 03:39:40

An improper authorization vulnerability exists in Jenkins Promoted Builds Plugin 2.31.1 and earlier in Status.java and ManualCondition.java that allow an attacker with read access to jobs to perform promotions.