exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 2

CVE-2023-6148

около 2 лет назад

Qualys Jenkins Plugin for Policy Compliance prior to version and including 1.0.5 was identified to be affected by a security flaw, which was missing a permission check while performing a connectivity check to Qualys Cloud Services. This allowed any user with login access and access to configure or edit jobs to utilize the plugin to configure a potential rouge endpoint via which it was possible to control response for certain request which could be injected with XSS payloads leading to XSS while processing the response data

CVSS3: 5.7

EPSS: Низкий

GHSA-rwf9-8fqr-p44m

около 2 лет назад

Qualys Jenkins Plugin for Policy Compliance Cross-site Scripting vulnerability

CVSS3: 5.7

EPSS: Низкий

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	CVE-2023-6148 Qualys Jenkins Plugin for Policy Compliance prior to version and including 1.0.5 was identified to be affected by a security flaw, which was missing a permission check while performing a connectivity check to Qualys Cloud Services. This allowed any user with login access and access to configure or edit jobs to utilize the plugin to configure a potential rouge endpoint via which it was possible to control response for certain request which could be injected with XSS payloads leading to XSS while processing the response data	CVSS3: 5.7	0% Низкий	около 2 лет назад
	GHSA-rwf9-8fqr-p44m Qualys Jenkins Plugin for Policy Compliance Cross-site Scripting vulnerability	CVSS3: 5.7	0% Низкий	около 2 лет назад

Уязвимостей на страницу