Skip to main content
CVE-2019-10373 MEDIUM This Month

A stored cross-site scripting vulnerability in Jenkins Build Pipeline Plugin 1.5.8 and earlier allows attackers able to edit the build pipeline description to inject arbitrary HTML and JavaScript in. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Build Pipeline
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2019-10378 MEDIUM This Month

Jenkins TestLink Plugin 3.16 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Jenkins Information Disclosure Testlink
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2019-10389 MEDIUM This Month

A missing permission check in Jenkins Relution Enterprise Appstore Publisher Plugin 1.24 and earlier allows attackers to have Jenkins initiate an HTTP connection to an attacker-specified server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Relution Enterprise Appstore Publisher
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2019-10388 MEDIUM This Month

A cross-site request forgery vulnerability in Jenkins Relution Enterprise Appstore Publisher Plugin 1.24 and earlier allows attackers to have Jenkins initiate an HTTP connection to an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins CSRF Relution Enterprise Appstore Publisher
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2019-10377 MEDIUM This Month

A missing permission check in Jenkins Avatar Plugin 1.2 and earlier allows attackers with Overall/Read access to change the avatar of any user of Jenkins. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Avatar
NVD
CVSS 3.1
4.3
EPSS
0.7%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy