Headline

GHSA-mv77-fj63-q5w8: Stored XSS vulnerability in Jenkins GitHub Plugin

Jenkins GitHub Plugin 1.37.3 and earlier does not escape the GitHub project URL on the build page when showing changes, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

11 months ago

ghsa

Open in Source

#xss #vulnerability #git

Stored XSS vulnerability in Jenkins GitHub Plugin

High severity GitHub Reviewed Published Oct 25, 2023 to the GitHub Advisory Database • Updated Oct 30, 2023

11 months ago

CVE

Open in Source

#xss #vulnerability #web #mac #windows #google #linux #git #php #auth

ghsa: Latest News

GHSA-9h9q-qhxg-89xr: Filament has unvalidated ColorColumn and ColorEntry values that can be used for Cross-site Scripting

2 days ago

ghsa

GHSA-jg74-mwgw-v6x3: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default

3 days ago

ghsa

GHSA-h4h5-9833-v2p4: Rancher agents can be hijacked by taking over the Rancher Server URL

3 days ago

ghsa

GHSA-g54f-66mw-hv66: Agnai vulnerable to Relative Path Traversal in Image Upload

3 days ago

ghsa

GHSA-h355-hm5h-cm8h: Agnai File Disclosure Vulnerability: JSON via Path Traversal

3 days ago

ghsa

Headline

GHSA-mv77-fj63-q5w8: Stored XSS vulnerability in Jenkins GitHub Plugin

Related news

ghsa: Latest News