
TechMedia

Archive

Month: May 2022

376 Posts

Featured

Posted by Wpmaster
The Reality of Wiper Attacks and Digital Information Manipulation as Seen in the War in Ukraine
Posted by Wpmaster
"Ace Combat" and "Top Gun: Maverick" in a dream collaboration! Maverick-skin versions of the "F-14A Tomcat" and "F/A-18E Super Hornet" are here!
Posted by Wpmaster
Yukihiro Takahashi marks 50 years of solo work: details announced of the live recordings included in the "T.E.N.T Years Vinyl Box"!
Posted by Wpmaster
[camaleon_cms] Camaleon CMS Stored Cross-site Scripting vulnerability

[org.jenkins-ci.plugins:release] Stored XSS vulnerability in Jenkins Release Plugin

  • Posted in HIGH
  • Posted by Wpmaster
  • 05/25/2022 · 12/22/2022

Jenkins Release Plugin 2.10.2 and earlier does not escape the release version in badge tooltip, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Release/Release permission.
References

https://nvd.nist.gov/vu…

[org.jenkins-ci.plugins:couchdb-statistics] Password stored in plain text by Jenkins couchdb-statistics Plugin

  • Posted in LOW
  • Posted by Wpmaster
  • 05/25/2022 · 12/22/2022

couchdb-statistics Plugin 0.3 and earlier stores its server password unencrypted in its global configuration file org.jenkinsci.plugins.couchstats.CouchStatsConfig.xml on the Jenkins controller as part of its configuration.
This password can be viewed …
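Added example, not code from the couchdb-statistics plugin: a hypothetical Jenkins global configuration (class and field names are invented for illustration) that stores a server password the way Jenkins expects, as a hudson.util.Secret instead of a String. A String field is written by XStream verbatim into the plugin's FQCN.xml file on the controller; a Secret field is written in encrypted form and only decrypted at the point of use.

```java
import hudson.Extension;
import hudson.util.Secret;
import jenkins.model.GlobalConfiguration;
import org.kohsuke.stapler.DataBoundSetter;

// Hypothetical plugin configuration, persisted by Jenkins to
// $JENKINS_HOME/<fully qualified class name>.xml. Names are illustrative only.
@Extension
public class ExampleStatsConfig extends GlobalConfiguration {

    private String serverUrl;

    // VULNERABLE pattern (do not use): a plain String is serialized as-is, so the
    // password ends up in clear text in the XML file.
    // private String password;

    // FIXED pattern: Secret is serialized via its XStream converter as the encrypted
    // token (getEncryptedValue()), never as the plain text.
    private Secret password;

    public ExampleStatsConfig() {
        load(); // read the persisted XML back into this object
    }

    public String getServerUrl() {
        return serverUrl;
    }

    @DataBoundSetter
    public void setServerUrl(String serverUrl) {
        this.serverUrl = serverUrl;
        save();
    }

    // Bound to an <f:password field="password"/> in config.jelly. The form round-trips the
    // encrypted token; Secret.fromString() accepts either that token or raw plain text,
    // which is also why a legacy plain-text value in an old XML file still loads.
    public Secret getPassword() {
        return password;
    }

    @DataBoundSetter
    public void setPassword(Secret password) {
        this.password = password;
        save();
    }

    // Decrypt only where the credential is actually used (building the client), never in a
    // getter that a Jelly view or the remote API could render.
    String plainPasswordForClient() {
        return password == null ? null : password.getPlainText();
    }
}
```

Caveat for anyone triaging this class of finding: Secret encrypts with a key that itself lives under JENKINS_HOME on the controller, so it raises the bar from "anyone who can read the config file" to "anyone who can read the config file and the controller's key material". That is the intended protection, not a substitute for restricting file-system access to the controller.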

[org.biouno:uno-choice] Stored XSS vulnerability in Jenkins Active Choices Plugin

  • Posted in HIGH
  • Posted by Wpmaster
  • 05/25/2022 · 12/22/2022

Active Choices Plugin 2.4 and earlier does not escape the name and description of build parameters.
This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
Active Choices Plugin 2.5 esca…

[org.jenkins-ci.plugins:audit-trail] Incorrect default pattern in Jenkins Audit Trail Plugin

  • Posted in MODERATE
  • Posted by Wpmaster
  • 05/25/2022 · 12/22/2022

Audit Trail Plugin uses regular expressions to match requested URLs whose dispatch should be logged.
In Audit Trail Plugin 3.6 and earlier, the default regular expression pattern could be bypassed in many cases by adding a suffix to the URL that would …
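Added example, not Audit Trail Plugin code, showing the general shape of the problem: an audit filter that full-matches the request path against an end-anchored regular expression misses a request whose path carries extra trailing segments. The action names and both patterns below are illustrative, and the example assumes (as a stated assumption, not something this page states) that the application's router still dispatches a path like /job/x/doDelete/anything to the same handler as /job/x/doDelete.

```java
import java.util.regex.Pattern;

public final class AuditPatternCheck {

    private AuditPatternCheck() {}

    // End-anchored: Matcher.matches() requires the whole path to be consumed, so only a path
    // that ends at the action name (optionally with one slash) is ever logged.
    static final Pattern ANCHORED =
            Pattern.compile(".*/(?:configSubmit|doDelete|createItem)/?");

    // Suffix-tolerant: whatever follows the action name is still attributed to that action.
    static final Pattern SUFFIX_TOLERANT =
            Pattern.compile(".*/(?:configSubmit|doDelete|createItem)(?:/.*)?");

    // The decision an audit filter makes per request: log it, or silently let it through.
    static boolean wouldBeLogged(Pattern pattern, String requestPath) {
        return pattern.matcher(requestPath).matches();
    }

    public static void main(String[] args) {
        String normal  = "/job/deploy/doDelete";
        String evasive = "/job/deploy/doDelete/x"; // constructed; same handler by assumption above

        for (String path : new String[] {normal, evasive}) {
            System.out.printf("%-28s anchored=%-5s suffix-tolerant=%s%n", path,
                    wouldBeLogged(ANCHORED, path), wouldBeLogged(SUFFIX_TOLERANT, path));
        }
    }
}
```

The anchored pattern accepts the normal path and rejects the evasive one, which is exactly the audit gap: the destructive action runs, but no audit record is written. When reviewing any allowlist or audit regex applied to URLs, check how the pattern is applied (matches() versus find()), whether the path is normalized before matching, and what the router does with segments the pattern does not account for.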

[org.biouno:uno-choice] Stored XSS vulnerability in Jenkins Active Choices Plugin

  • Posted in HIGH
  • Posted by Wpmaster
  • 05/25/2022 · 12/22/2022

Active Choices Plugin 2.4 and earlier does not escape List and Map return values of sandboxed scripts for Reactive Reference Parameter.
This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permis…
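Added example, not code from the Release plugin or the Active Choices plugin, covering the three stored XSS entries above (release version in a badge tooltip; parameter name and description; List and Map values returned by a sandboxed script). It shows attacker-stored strings meeting HTML, which is where escaping has to happen, using hudson.Util.escape() from Jenkins core. The class, method names and the sample payload are constructed for illustration.

```java
import hudson.Util;
import java.util.List;

public final class EscapeAtOutput {

    private EscapeAtOutput() {}

    // Constructed attacker input. Anyone with Release/Release (badge) or Job/Configure
    // (parameter name/description, script return value) can persist a value like this.
    static final String HOSTILE = "1.0\"><img src=x onerror=alert(document.domain)>";

    // VULNERABLE: the value closes the title attribute and starts its own tag, so the
    // payload runs in the browser of every user who views the page rendering the badge.
    static String vulnerableBadge(String version) {
        return "<span class=\"badge\" title=\"Release " + version + "\">" + version + "</span>";
    }

    // FIXED: Util.escape() turns <, >, &, " and ' into character entities (it also turns
    // newlines into <br>), so the value can neither close the attribute nor open a tag.
    static String safeBadge(String version) {
        String v = Util.escape(version);
        return "<span class=\"badge\" title=\"Release " + v + "\">" + v + "</span>";
    }

    // A List (or the values of a Map) returned by a sandboxed script is still attacker
    // data: the sandbox limits what the script can do on the controller, not what it
    // can return. Escape every element at render time, not just a top-level string.
    static String renderOptions(List<?> choices) {
        StringBuilder sb = new StringBuilder("<select>");
        for (Object choice : choices) {
            String text = Util.escape(String.valueOf(choice));
            sb.append("<option value=\"").append(text).append("\">")
              .append(text).append("</option>");
        }
        return sb.append("</select>").toString();
    }

    public static void main(String[] args) {
        System.out.println(vulnerableBadge(HOSTILE));
        System.out.println(safeBadge(HOSTILE));
        System.out.println(renderOptions(List.of("stable", HOSTILE)));
    }
}
```

In Jelly views the same rule applies: with the `<?jelly escape-by-default='true'?>` directive, `${...}` expressions are escaped for you, while `<j:out value="${...}"/>` writes the value raw and is where these findings usually come from.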

[org.jenkins-ci.plugins:role-strategy] Improper authorization due to caching in Jenkins Role-based Authorization Strategy Plugin

  • Posted in HIGH
  • Posted by Wpmaster
  • 05/25/2022 · 12/21/2022

Role-based Authorization Strategy Plugin 2.12 and newer uses a cache to speed up permission lookups. In Role-based Authorization Strategy Plugin 3.0 and earlier, this cache is not invalidated properly when an administrator changes the permission configurat…

[org.6wind.jenkins:lockable-resources] CSRF vulnerability in Jenkins Lockable Resources Plugin

  • Posted in MODERATE
  • Posted by Wpmaster
  • 05/25/2022 · 01/13/2023

Lockable Resources Plugin 2.8 and earlier does not require POST requests for several HTTP endpoints, resulting in a cross-site request forgery (CSRF) vulnerability. This vulnerability allows attackers to reserve, unreserve, unlock, and reset resources…

[org.jenkins-ci.plugins:implied-labels] Missing permission check in Jenkins Implied Labels Plugin allows reconfiguring the plugin

  • Posted in MODERATE
  • Posted by Wpmaster
  • 05/25/2022 · 12/27/2022

Implied Labels Plugin 0.6 and earlier does not perform a permission check in an HTTP endpoint.
This allows attackers with Overall/Read permission to configure the plugin.
Implied Labels Plugin 0.7 requires Overall/Administer permission to configure the…

[org.jenkins-ci.plugins:liquibase-runner] XXE vulnerability in Jenkins Liquibase Runner Plugin

  • Posted in HIGH
  • Posted by Wpmaster
  • 05/25/2022 · 12/20/2022

Liquibase Runner Plugin 1.4.5 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
This allows attackers able to provide Liquibase changesets evaluated by the plugin to have Jenkins parse a crafted XML file that u…
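Added example, not Liquibase Runner plugin code: a JAXP DocumentBuilder hardened against XXE next to the default one, parsed against a constructed hostile changelog. The sample XML and class names are invented for illustration; how the plugin hands changesets to Liquibase's own parser is outside this example.

```java
import java.io.StringReader;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.xml.sax.InputSource;
import org.xml.sax.SAXParseException;

public final class SafeXml {

    private SafeXml() {}

    // Constructed sample: a changelog whose author attribute expands an external entity
    // that reads a file from the Jenkins controller.
    static final String HOSTILE =
            "<?xml version=\"1.0\"?>\n"
            + "<!DOCTYPE databaseChangeLog [<!ENTITY xxe SYSTEM \"file:///etc/passwd\">]>\n"
            + "<databaseChangeLog><changeSet id=\"1\" author=\"&xxe;\"/></databaseChangeLog>";

    // VULNERABLE: a factory with default settings resolves the DOCTYPE and expands the
    // external entity, so the file contents end up in the parsed document (and from there
    // in error messages, build output, or an out-of-band request).
    static Document parseUnsafe(String xml) throws Exception {
        DocumentBuilder db = DocumentBuilderFactory.newInstance().newDocumentBuilder();
        return db.parse(new InputSource(new StringReader(xml)));
    }

    // FIXED: refuse DOCTYPE declarations outright, and additionally disable external
    // entities and DTD loading for parsers that do not honour the first feature.
    static DocumentBuilder hardenedBuilder() throws ParserConfigurationException {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        dbf.setFeature("http://xml.org/sax/features/external-general-entities", false);
        dbf.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        dbf.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        dbf.setXIncludeAware(false);
        dbf.setExpandEntityReferences(false);
        dbf.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
        dbf.setAttribute(XMLConstants.ACCESS_EXTERNAL_SCHEMA, "");
        return dbf.newDocumentBuilder();
    }

    static Document parseSafe(String xml) throws Exception {
        return hardenedBuilder().parse(new InputSource(new StringReader(xml)));
    }

    public static void main(String[] args) throws Exception {
        try {
            parseSafe(HOSTILE);
            System.out.println("parsed (unexpected for a document with a DOCTYPE)");
        } catch (SAXParseException e) {
            System.out.println("rejected by hardened parser: " + e.getMessage());
        }
    }
}
```

Jenkins core also ships jenkins.util.xml.XMLUtils with parsing helpers that are already configured this way; for plugin code, using those rather than a bare DocumentBuilderFactory is the simpler route.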

[org.jenkins-ci.plugins:liquibase-runner] Missing permission check in Jenkins Liquibase Runner Plugin allows enumerating credentials IDs

  • Posted in MODERATE
  • Posted by Wpmaster
  • 05/25/2022 · 12/20/2022

Liquibase Runner Plugin 1.4.7 and earlier does not perform a permission check in an HTTP endpoint.
This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack …
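Added example, not code from the Lockable Resources, Implied Labels or Liquibase Runner plugins, covering the three endpoint findings above: state-changing endpoints that accept GET (CSRF), a configuration endpoint with no permission check, and a credentials dropdown that lists credential IDs to any Overall/Read user. The methods are hypothetical Stapler web methods on a class assumed to be reachable as a RootAction or Descriptor; the permission chosen for the reserve/configure actions (Overall/Administer) is an assumption for the example, and the credentials code follows the standard consumer pattern from the Credentials plugin.

```java
import hudson.model.Item;
import hudson.security.ACL;
import hudson.util.ListBoxModel;
import jenkins.model.Jenkins;
import org.kohsuke.stapler.AncestorInPath;
import org.kohsuke.stapler.HttpResponse;
import org.kohsuke.stapler.HttpResponses;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.interceptor.RequirePOST;

import com.cloudbees.plugins.credentials.CredentialsMatchers;
import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.cloudbees.plugins.credentials.common.StandardListBoxModel;
import com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials;
import java.util.Collections;

// Hypothetical endpoints; names are illustrative only.
public class ExampleEndpoints {

    // CSRF: a state change reachable by GET fires from any <img src=...> or link the victim
    // loads while logged in. @RequirePOST makes Stapler reject other methods, and a POST
    // carries the crumb that Jenkins' CSRF protection verifies.
    @RequirePOST
    public HttpResponse doReserve(@QueryParameter String resource) {
        Jenkins.get().checkPermission(Jenkins.ADMINISTER);
        // ... reserve the named resource ...
        return HttpResponses.ok();
    }

    // Missing permission check: reaching the URL only needs Overall/Read, so the web method
    // itself has to enforce the permission the action actually requires.
    @RequirePOST
    public HttpResponse doConfigure(@QueryParameter String expression) {
        Jenkins.get().checkPermission(Jenkins.ADMINISTER);
        // ... apply the new configuration ...
        return HttpResponses.ok();
    }

    // Credentials ID enumeration: doFill*Items backs the dropdown in a config form and is
    // callable directly. Without the checks below it lists every matching credential ID to
    // anyone with Overall/Read. Callers who may not enumerate only get their current value.
    public ListBoxModel doFillCredentialsIdItems(@AncestorInPath Item item,
                                                 @QueryParameter String credentialsId) {
        StandardListBoxModel result = new StandardListBoxModel();
        if (item == null) {
            if (!Jenkins.get().hasPermission(Jenkins.ADMINISTER)) {
                return result.includeCurrentValue(credentialsId);
            }
        } else if (!item.hasPermission(Item.EXTENDED_READ)
                && !item.hasPermission(CredentialsProvider.USE_ITEM)) {
            return result.includeCurrentValue(credentialsId);
        }
        return result
                .includeEmptyValue()
                .includeMatchingAs(ACL.SYSTEM, item, StandardUsernamePasswordCredentials.class,
                        Collections.emptyList(), CredentialsMatchers.always())
                .includeCurrentValue(credentialsId);
    }
}
```

A quick check for any plugin: grep for `public .* do[A-Z]` and `doFill.*Items` and confirm each one either carries @RequirePOST (if it changes state) and a checkPermission/hasPermission call, or is deliberately read-only for Overall/Read. Credential IDs on their own are not secrets, but they are exactly what an attacker needs to reference a credential from a job they can configure, which is why the advisory treats enumeration as a vulnerability.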
