Search Results | AttackerKB

Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.149 and earlier does not mask credentials displayed on the configuration form, increasing the potential for attackers to observe and capture them.

Attack Vector: Network Privileges: None User Interaction: None

Attacker Value

Unknown

CVE-2023-26519

Disclosure Date: May 06, 2023 (last updated February 24, 2025)

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alex Benfica Publish to Schedule plugin <= 4.5.4 versions.

Attack Vector: Network Privileges: High User Interaction: Required

Attacker Value

Unknown

CVE-2023-25046

Disclosure Date: April 07, 2023 (last updated February 24, 2025)

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Podlove Podlove Podcast Publisher plugin <= 3.8.2 versions.

Attack Vector: Network Privileges: High User Interaction: Required

Attacker Value

Unknown

CVE-2023-28682

Disclosure Date: April 02, 2023 (last updated February 24, 2025)

Jenkins Performance Publisher Plugin 8.09 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

Attack Vector: Network Privileges: None User Interaction: None

Attacker Value

Unknown

CVE-2023-24057

Disclosure Date: January 26, 2023 (last updated February 24, 2025)

HL7 (Health Level 7) FHIR Core Libraries before 5.6.92 allow attackers to extract files into arbitrary directories via directory traversal from a crafted ZIP or TGZ archive (for a prepackaged terminology cache, NPM package, or comparison archive).

Attack Vector: Network Privileges: None User Interaction: None

165 Total Results

Displaying 31-40 of 165

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Quick Cookie Notification