The host is installed with Jenkins LTS through 2.235.1 or Jenkins rolling release through 2.244 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an escaping agent name in the build time trend page. Successful exploitation could allow attackers to cause a stored XSS vulnerability.
The host is installed with Jenkins LTS through 2.235.1 or Jenkins rolling release through 2.244 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an escaping agent name in the build time trend page. Successful exploitation could allow attackers to cause a stored XSS vulnerability.
The host is installed with Jenkins LTS through 2.235.1 or Jenkins rolling release through 2.244 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle escaping upstream job's display name shown as part of a build cause. Successful exploitation could allow attackers to cause a stored XSS vulnerability.
The host is installed with Jenkins LTS through 2.235.1 or Jenkins rolling release through 2.244 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle escaping upstream job's display name shown as part of a build cause. Successful exploitation could allow attackers to cause a stored XSS vulnerability.
The host is installed with Jenkins LTS through 2.235.1 or Jenkins rolling release through 2.244 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle escaping job name in the 'Keep this build forever' badge tooltip. Successful exploitation could allow attackers to cause a stored XSS vulnerability.
The host is installed with Jenkins LTS through 2.235.1 or Jenkins rolling release through 2.244 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle escaping job name in the 'Keep this build forever' badge tooltip. Successful exploitation could allow attackers to cause a stored XSS vulnerability.
The host is installed with Jenkins LTS through 2.235.1 or Jenkins rolling release through 2.244 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle escaping 'href' attribute of links to downstream jobs displayed in the build console page. Successful exploitation could allow attackers to cause a stored XSS vulnerability.
The host is installed with Jenkins LTS through 2.235.1 or Jenkins rolling release through 2.244 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle escaping 'href' attribute of links to downstream jobs displayed in the build console page. Successful exploitation could allow attackers to cause a stored XSS vulnerability.
Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix: * nss: TLS 1.3 CCS flood remote DoS Attack For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Bug Fix ...
Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss , nspr . Security Fix: * nss: TLS 1.3 CCS flood remote DoS Attack For mo ...