Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins job configuration history vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-41930
Jenkins Job Configuration History Plugin 1227.v7a_79fc4dc01f and previous versions does not restrict the 'name' query parameter when rendering a history entry, allowing malicious users to have Jenkins render a manipulated configuration history that was not created by th...
Jenkins Job Configuration History
NA
CVE-2023-41931
Jenkins Job Configuration History Plugin 1227.v7a_79fc4dc01f and previous versions does not property sanitize or escape the timestamp value from history entries when rendering a history entry on the history view, resulting in a stored cross-site scripting (XSS) vulnerability.
Jenkins Job Configuration History
NA
CVE-2023-41932
Jenkins Job Configuration History Plugin 1227.v7a_79fc4dc01f and previous versions does not restrict 'timestamp' query parameters in multiple endpoints, allowing attackers with to delete attacker-specified directories on the Jenkins controller file system as long as the...
Jenkins Job Configuration History
NA
CVE-2023-41933
Jenkins Job Configuration History Plugin 1227.v7a_79fc4dc01f and previous versions does not configure its XML parser to prevent XML external entity (XXE) attacks.
Jenkins Job Configuration History
NA
CVE-2022-38664
Jenkins Job Configuration History Plugin 1165.v8cc9fd1f4597 and previous versions does not escape the job name on the System Configuration History page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure job names.
Jenkins Job Configuration History
NA
CVE-2022-36887
A cross-site request forgery (CSRF) vulnerability in Jenkins Job Configuration History Plugin 1155.v28a_46a_cc06a_5 and previous versions allows malicious users to delete entries from job, agent, and system configuration history, or restore older versions of job, agent, and syste...
Jenkins Job Configuration History
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started