An improper authorization vulnerability exists in Jenkins Jira Plugin 3.0.1 and earlier in JiraSite.java that allows attackers with Overall/Read access to have Jenkins connect to an attacker-specified URL using attacker-specified credentials IDs obtain…
[org.jenkins-ci.plugins:ansible] Jenkins Ansible Plugin man in the middle vulnerability
A man in the middle vulnerability exists in Jenkins Ansible Plugin 0.8 and older in AbstractAnsibleInvocation.java, AnsibleAdHocCommandBuilder.java, AnsibleAdHocCommandInvocationTest.java, AnsibleContext.java, AnsibleJobDslExtension.java, AnsiblePlaybo…
[org.jenkins-ci.plugins:jenkins-multijob-plugin] Jenkins Multijob plugin did not check permissions in the Resume Build action
Jenkins Multijob plugin version 1.25 and earlier did not check permissions in the Resume Build action, allowing anyone with Job/Read permission to resume the build. Multijob plugin 1.26 introduced a permission check requiring Overall/Administer. This w…
[camaleon_cms] Camaleon CMS vulnerable to Stored Cross-site Scripting
In the 2.4 version of Camaleon CMS, Stored XSS has been discovered. The profile image in the User settings section can be run in the update / upload area via /admin/media/upload?actions=false.
References
https://nvd.nist.gov/vuln/detail/CVE-2018-18260…
[features] Features file injection vulnerability
File injection vulnerability in Ruby gem Features 0.3.0 allows remote attackers to inject malicious html in the /tmp directory.
References
https://nvd.nist.gov/vuln/detail/CVE-2013-4318
https://security-tracker.debian.org/tracker/CVE-2013-4318
http://…
[cakephp/cakephp] CakePHP directory traversal vulnerability allows remote attackers to read arbitrary files
Directory traversal vulnerability in app/webroot/js/vendors.php in Cake Software Foundation CakePHP before 1.1.8.3544 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, followed by a filename ending with %00 and a…
[cakephp/cakephp] Cross-site scripting (XSS) vulnerability in CakePHP
Cross-site scripting (XSS) vulnerability in cake/libs/error.php in CakePHP before 1.1.7.3363 allows remote attackers to inject arbitrary web script or HTML via the URL, which is reflected back in a 404 (“Not Found”) error page. NOTE: some of these deta…
[element-plus] element-plus vulnerable to cross-site scripting (XSS) via el-table-column
element-plus below 2.0.5 is vulnerable to Cross Site Scripting (XSS) when attribute show-tooltips-overflow of el-table-column is true. The mouseover action will make the text of this column render as html.
References
https://nvd.nist.gov/vuln/detail/C…
[Simple-Wayland-HotKey-Daemon] Unsafe parsing in SWHKD
SWHKD 1.1.5 allows unsafe parsing via the -c option. An information leak might occur but there is a simple denial of service (memory exhaustion) upon an attempt to parse a large or infinite file (such as a block or character device).
References
https:…
[org.jenkins-ci.plugins:scp] CSRF vulnerability in Jenkins SCP publisher Plugin
SCP publisher Plugin 1.8 and earlier does not perform a permission check in a method implementing form validation.
This allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified username and p…