MODERATE

[org.jenkins-ci.plugins:htmlpublisher] Jenkins HTML Publisher Plugin path traversal vulnerability

A path traversal vulnerability exists in Jenkins HTML Publisher Plugin 1.15 and older in HtmlPublisherTarget.java that allows attackers able to configure the HTML Publisher build step to override arbitrary files on the Jenkins master. In version 1.16, …

[org.jenkins-ci.plugins:cas-plugin] Jenkins CAS Plugin Server-Side Request Forgery vulnerability

A server-side request forgery vulnerability exists in Jenkins CAS Plugin 1.4.1 and older in CasSecurityRealm.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. Additionally, this form validati…

[org.jenkins-ci.plugin:ghprb] Jenkins GitHub Pull Request Builder Plugin credential capture vulnerability

A exposure of sensitive information vulnerability exists in Jenkins GitHub Pull Request Builder Plugin 1.41.0 and older in GhprbGitHubAuth.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specif…

[org.jenkins-ci.plugins:github-branch-source] Jenkins GitHub Branch Source Plugin vulnerable to Server-Side Request Forgery

A server-side request forgery vulnerability exists in Jenkins GitHub Branch Source Plugin 2.3.4 and older in Endpoint.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. Additionally, this form…

[ember-source] Ember.js Cross-site Scripting vulnerability

Ember.js 1.0.x before 1.0.1, 1.1.x before 1.1.3, 1.2.x before 1.2.1, 1.3.x before 1.3.1, and 1.4.x before 1.4.0-beta.2 allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging an application that contains templates whose cont…

[org.jenkins-ci.plugins:saml] Jenkins SAML Plugin Session Fixation vulnerability

A session fixation vulnerability exists in Jenkins SAML Plugin 1.0.6 and earlier in SamlSecurityRealm.java that allows unauthorized attackers to impersonate another users if they can control the pre-authentication session. SAML Plugin 1.0.7 invalidates…

[org.jenkins-ci.plugins:badge] Jenkins Badge Plugin cross-site scripting vulnerability

A persisted cross-site scripting vulnerability exists in Jenkins Badge Plugin 1.4 and earlier in BadgeSummaryAction.java, HtmlBadgeAction.java that allows attackers able to control build badge content to define JavaScript that would be executed in anot…

[xapian-core] xapian-core Cross-site Scripting vulnerability

A cross-site scripting vulnerability in queryparser/termgenerator_internal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet().
References

https://nvd.nist.gov/vuln/detail/CVE-2018-0499
https://lists…

[org.jenkins-ci.plugins:collabnet] Jenkins CollabNet Plugin man in the middle vulnerability

A man in the middle vulnerability exists in Jenkins CollabNet Plugin 2.0.4 and earlier in CollabNetApp.java, CollabNetPlugin.java, CNFormFieldValidator.java that allows attackers to impersonate any service that Jenkins connects to. CollabNet Plugin 2.0…

[fat_free_crm] Fat Free CRM Cross-Site Request Forgery vulnerability

Fat Free CRM before 0.13.6 allows remote attackers to conduct cross-site request forgery (CSRF) attacks via a request without the authenticity_token, as demonstrated by a crafted HTML page that creates a new administrator account.
References

https://n…

TechMedia

Featured

[vitess.io/vitess] vitess allows users to create keyspaces that can deny access to already existing keyspaces

[github.com/answerdev/answer] Answer vulnerable to account takeover because password reset links do not expire

[thorsten/phpmyfaq] thorsten/phpmyfaq vulnerable to improper access control

[thorsten/phpmyfaq] thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via updatecategory parameter