CVE-2025-47885
- EPSS 0.05%
- Published 14.05.2025 20:35:55
- Last modified 12.06.2025 13:47:54
Jenkins Health Advisor by CloudBees Plugin 374.v194b_d4f0c8c8 and earlier does not escape responses from the Jenkins Health Advisor server, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control Jenkin...
CVE-2020-2258
- EPSS 0.03%
- Published 16.09.2020 14:15:13
- Last modified 21.11.2024 05:25:07
Jenkins Health Advisor by CloudBees Plugin 3.2.0 and earlier does not correctly perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to view that HTTP endpoint.
CVE-2020-2093
- EPSS 0.09%
- Published 15.01.2020 16:15:14
- Last modified 21.11.2024 05:24:35
A cross-site request forgery vulnerability in Jenkins Health Advisor by CloudBees Plugin 3.0 and earlier allows attackers to send an email with fixed content to an attacker-specified recipient.
CVE-2020-2094
- EPSS 0.09%
- Published 15.01.2020 16:15:14
- Last modified 21.11.2024 05:24:35
A missing permission check in Jenkins Health Advisor by CloudBees Plugin 3.0 and earlier allows attackers with Overall/Read permission to send a fixed email to an attacker-specific recipient.