Количество 4
Количество 4
CVE-2019-10405
Jenkins 2.196 and earlier, LTS 2.176.3 and earlier printed the value of the "Cookie" HTTP request header on the /whoAmI/ URL, allowing attackers exploiting another XSS vulnerability to obtain the HTTP session cookie despite it being marked HttpOnly.
CVE-2019-10405
Jenkins 2.196 and earlier, LTS 2.176.3 and earlier printed the value of the "Cookie" HTTP request header on the /whoAmI/ URL, allowing attackers exploiting another XSS vulnerability to obtain the HTTP session cookie despite it being marked HttpOnly.
CVE-2019-10405
Jenkins 2.196 and earlier, LTS 2.176.3 and earlier printed the value o ...
GHSA-47wc-p5cp-w7pw
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-10405 Jenkins 2.196 and earlier, LTS 2.176.3 and earlier printed the value of the "Cookie" HTTP request header on the /whoAmI/ URL, allowing attackers exploiting another XSS vulnerability to obtain the HTTP session cookie despite it being marked HttpOnly. | CVSS3: 4.4 | 81% Высокий | больше 6 лет назад |
 | CVE-2019-10405 Jenkins 2.196 and earlier, LTS 2.176.3 and earlier printed the value of the "Cookie" HTTP request header on the /whoAmI/ URL, allowing attackers exploiting another XSS vulnerability to obtain the HTTP session cookie despite it being marked HttpOnly. | CVSS3: 5.4 | 81% Высокий | больше 6 лет назад |
| CVE-2019-10405 Jenkins 2.196 and earlier, LTS 2.176.3 and earlier printed the value o ... | CVSS3: 5.4 | 81% Высокий | больше 6 лет назад |
| GHSA-47wc-p5cp-w7pw Exposure of Sensitive Information to an Unauthorized Actor in Jenkins | CVSS3: 4.3 | 81% Высокий | больше 3 лет назад |
Уязвимостей на страницу