TechMedia

Archive

Month: May 2022

376 Posts

Featured

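Posted by Wpmaster
The reality of wiper attacks and digital information manipulation as seen in the war in Ukraine
Posted by Wpmaster
"Ace Combat" and "Top Gun: Maverick" in a dream collaboration! Maverick-skin "F-14A Tomcat" and "F/A-18E Super Hornet" appear!
Posted by Wpmaster
Yukihiro Takahashi marks the 50th anniversary of his solo career! Details announced for the live recordings included in "T.E.N.T Years Vinyl Box"!
Posted by Wpmaster
[camaleon_cms] Camaleon CMS Stored Cross-site Scripting vulnerability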

[org.jenkins-ci.plugins:svn-partial-release-mgr] XSS vulnerability in Jenkins Subversion Partial Release Manager Plugin

  • Posted in MODERATE
  • Posted by Wpmaster
  • 05/25/2022 12/22/2022

Subversion Partial Release Manager Plugin 1.0.1 and earlier does not escape the error message for the repository URL field form validation.
This results in a reflected cross-site scripting (XSS) vulnerability that can also be exploited similar to a sto…

[org.jenkins-ci.plugins:play-autotest-plugin] OS command injection vulnerability in Jenkins Play Framework Plugin

  • Posted in HIGH
  • Posted by Wpmaster
  • 05/25/2022 12/22/2022

A form validation endpoint in Play Framework Plugin executes the play command to validate a given input file.
Play Framework Plugin 1.0.2 and earlier lets users specify the path to the play command on the Jenkins controller. This results in an OS comma…

[org.jenkins-ci.plugins:swarm] CSRF vulnerability in Jenkins Swarm Plugin

  • Posted in MODERATE
  • Posted by Wpmaster
  • 05/25/2022 12/21/2022

Swarm Plugin adds API endpoints to add or remove agent labels. In Swarm Plugin 3.20 and earlier these only require a global Swarm secret to use, and no regular permission check is performed. This allows users with Agent/Create permission to add or remo…

[org.jenkins-ci.plugins:swarm] Improper permission checks in Jenkins Swarm Plugin

  • Posted in MODERATE
  • Posted by Wpmaster
  • 05/25/2022 12/21/2022

Swarm Plugin adds API endpoints to add or remove agent labels. In Swarm Plugin 3.20 and earlier these only require a global Swarm secret to use, and no regular permission check is performed. This allows users with Agent/Create permission to add or remo…

[io.jenkins.plugins:echarts-api] Stored XSS vulnerability in Jenkins ECharts API Plugin

  • Posted in MODERATE
  • Posted by Wpmaster
  • 05/25/2022 12/21/2022

ECharts API Plugin 4.7.0-3 and earlier does not escape the parser identifier when rendering charts.
This results in a stored cross-site scripting (XSS) vulnerability that can be exploited by users with Job/Configure permission.
ECharts API Plugin 4.7.0…

[org.jenkins-ci.plugins:selenium] Complete lack of CSRF protection in Jenkins Selenium Plugin can lead to OS command injection

  • Posted in HIGH
  • Posted by Wpmaster
  • 05/25/2022 12/21/2022

Selenium Plugin 3.141.59 and earlier has no CSRF protection for its HTTP endpoints.
This allows attackers to perform the following actions:

Restart the Selenium Grid hub.
Delete or replace the plugin configuration.
Start, stop, or restart Selenium con…

[org.jenkins-ci.plugins:compact-columns] Stored XSS vulnerability in Jenkins Compact Columns Plugin

  • Posted in MODERATE
  • Posted by Wpmaster
  • 05/25/2022 12/21/2022

Compact Columns Plugin 1.11 and earlier displays the unprocessed job description in tooltips.
This results in a stored cross-site scripting vulnerability that can be exploited by users with Job/Configure permission.
Compact Columns Plugin 1.12 applies …

[io.jenkins.plugins:echarts-api] Stored XSS vulnerability in Jenkins ECharts API Plugin

  • Posted in MODERATE
  • Posted by Wpmaster
  • 05/25/2022 12/21/2022

ECharts API Plugin 4.7.0-3 and earlier does not escape the display name of the builds in the trend chart.
This results in a stored cross-site scripting (XSS) vulnerability that can be exploited by users with Run/Update permission.
ECharts API Plugin 4….

[org.jenkins-ci.plugins:ec2] Lack of SSL/TLS certificate and hostname validation in Amazon EC2 Plugin

  • Posted in MODERATE
  • Posted by Wpmaster
  • 05/25/2022 12/17/2022

Amazon EC2 Plugin connects to Windows agents via HTTPS.
Amazon EC2 Plugin 1.50.1 and earlier unconditionally accepts self-signed HTTPS certificates and does not perform hostname validation when connecting to Windows agents. This lack of validation coul…

[org.jenkins-ci.plugins:ec2] Missing SSH host key validation in Amazon EC2 Plugin

  • Posted in MODERATE
  • Posted by Wpmaster
  • 05/25/2022 12/24/2022

Amazon EC2 Plugin 1.50.1 and earlier does not use SSH host key validation when connecting to agents. This lack of validation could be abused using a man-in-the-middle attack to intercept these connections to build agents.
Amazon EC2 Plugin 1.50.2 provi…
