Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4
CVE-2022-23108
- EPSS 25.85%
- Published 12.01.2022 20:15:09
- Last modified 21.11.2024 06:48:00
Jenkins Badge Plugin 1.9 and earlier does not escape the description and does not check for allowed protocols when creating a badge, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permissio...
5.4
CVE-2018-1000604
- EPSS 0.06%
- Published 26.06.2018 17:29:00
- Last modified 21.11.2024 03:40:12
A persisted cross-site scripting vulnerability exists in Jenkins Badge Plugin 1.4 and earlier in BadgeSummaryAction.java, HtmlBadgeAction.java that allows attackers able to control build badge content to define JavaScript that would be executed in an...
1