Skip to main content

Buildmaster

4 CVEs product

Monthly

CVE-2017-16520 HIGH This Week

Inedo BuildMaster before 5.8.2 does not properly restrict creation of RequireManageAllPrivileges event listeners. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Buildmaster
NVD
CVSS 3.0
7.5
EPSS
0.2%
CVE-2017-16761 MEDIUM This Month

An Open Redirect vulnerability in Inedo BuildMaster before 5.8.2 allows remote attackers to redirect users to arbitrary web sites. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Buildmaster
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-16760 MEDIUM This Month

Inedo BuildMaster before 5.8.2 has XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Buildmaster
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-16521 CRITICAL Act Now

In Inedo BuildMaster before 5.8.2, XslTransform was used where XslCompiledTransform should have been used. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buildmaster
NVD
CVSS 3.0
9.8
EPSS
0.8%
EPSS 0% CVSS 7.5
HIGH This Week

Inedo BuildMaster before 5.8.2 does not properly restrict creation of RequireManageAllPrivileges event listeners. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Buildmaster
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

An Open Redirect vulnerability in Inedo BuildMaster before 5.8.2 allows remote attackers to redirect users to arbitrary web sites. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Buildmaster
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Inedo BuildMaster before 5.8.2 has XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Buildmaster
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

In Inedo BuildMaster before 5.8.2, XslTransform was used where XslCompiledTransform should have been used. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buildmaster
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy