Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
beaker-project beaker 20.1 vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2015-3162
Cross-site scripting (XSS) vulnerability in the edit comment dialog in bkr/server/widgets.py in Beaker 20.1 allows remote authenticated users to inject arbitrary web script or HTML via writing a crafted comment on an acked or nacked canceled job.
Beaker-project Beaker 20.1
4.8
CVSSv3
CVE-2015-3161
The search bar code in bkr/server/widgets.py in Beaker prior to 20.1 does not escape </script> tags in string literals when producing JSON.
Beaker-project Beaker
4.3
CVSSv3
CVE-2015-3160
XML external entity (XXE) vulnerability in bkr/server/jobs.py in Beaker prior to 20.1 allows remote authenticated users to obtain sensitive information via submitting job XML to the server containing entity references which reference files from the Beaker server's file syste...
Beaker-project Beaker
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started