|
196811
|
5.4 |
MEDIUM
Network
|
jenkins
|
artifact_repository_parameter
|
Jenkins Artifact Repository Parameter Plugin 1.0.0 and earlier does not escape parameter names and descriptions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attacker…
|
CWE-79
Cross-site Scripting
|
CVE-2021-21622
|
2024-11-21 14:48 |
2021-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196812
|
5.3 |
MEDIUM
Network
|
jenkins
|
support_core
|
Jenkins Support Core Plugin 2.72 and earlier provides the serialized user authentication as part of the "About user (basic authentication details only)" information, which can include the session ID …
|
CWE-200
Information Exposure
|
CVE-2021-21621
|
2024-11-21 14:48 |
2021-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196813
|
4.3 |
MEDIUM
Network
|
jenkins
|
claim
|
A cross-site request forgery (CSRF) vulnerability in Jenkins Claim Plugin 2.18.1 and earlier allows attackers to change claims.
|
CWE-352
Origin Validation Error
|
CVE-2021-21620
|
2024-11-21 14:48 |
2021-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196814
|
5.4 |
MEDIUM
Network
|
jenkins
|
claim
|
Jenkins Claim Plugin 2.18.1 and earlier does not escape the user display name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers who are able to control the disp…
|
CWE-79
Cross-site Scripting
|
CVE-2021-21619
|
2024-11-21 14:48 |
2021-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196815
|
5.4 |
MEDIUM
Network
|
jenkins
|
repository_connector
|
Jenkins Repository Connector Plugin 2.0.2 and earlier does not escape parameter names and descriptions for past builds, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by a…
|
CWE-79
Cross-site Scripting
|
CVE-2021-21618
|
2024-11-21 14:48 |
2021-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196816
|
8.8 |
HIGH
Network
|
jenkins
|
configuration_slicing
|
A cross-site request forgery (CSRF) vulnerability in Jenkins Configuration Slicing Plugin 1.51 and earlier allows attackers to apply different slice configurations.
|
CWE-352
Origin Validation Error
|
CVE-2021-21617
|
2024-11-21 14:48 |
2021-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196817
|
4.6 |
MEDIUM
Network
|
jenkins
|
active_choices
|
Jenkins Active Choices Plugin 2.5.2 and earlier does not escape reference parameter values, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure …
|
CWE-79
Cross-site Scripting
|
CVE-2021-21616
|
2024-11-21 14:48 |
2021-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196818
|
5.3 |
MEDIUM
Network
|
brave
|
brave
|
Brave is an open source web browser with a focus on privacy and security. In Brave versions 1.17.73-1.20.103, the CNAME adblocking feature added in Brave 1.17.73 accidentally initiated DNS requests t…
|
-
|
CVE-2021-21323
|
2024-11-21 14:48 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196819
|
6.0 |
MEDIUM
Local
|
dell
|
emc_powerprotect_cyber_recovery
|
Dell EMC PowerProtect Cyber Recovery, version 19.7.0.1, contains an Information Disclosure vulnerability. A locally authenticated high privileged Cyber Recovery user may potentially exploit this vuln…
|
CWE-200
Information Exposure
|
CVE-2021-21512
|
2024-11-21 14:48 |
2021-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196820
|
5.4 |
MEDIUM
Network
|
apereo
|
opencast
|
Opencast is a free, open-source platform to support the management of educational audio and video content. In Opencast before version 9.2 there is a vulnerability in which publishing an episode with …
|
-
|
CVE-2021-21318
|
2024-11-21 14:48 |
2021-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
