jenkins-core is vulnerable to Cross-Site Scripting. The vulnerability is due to improper origin validation of requests made through the CLI WebSocket endpoint, resulting in a cross-site WebSocket hija ...
Continue Reading
February 01, 2024
Jenkins 2.217 through 2.441 (both inclusive), LTS 2.222.1 through 2.426.2 (both inclusive) does not perform origin validation of requests made through the CLI WebSocket endpoint, resulting in a cross- ...
Continue Reading
February 01, 2024
Jenkins 2.217 through 2.441 (both inclusive), LTS 2.222.1 through 2.426.2 (both inclusive) does not perform origin validation of requests made through the CLI WebSocket endpoint, resulting in a cross- ...
Continue Reading
February 01, 2024
Mattermost fails to properly validate the origin of a websocket connection allowing a MITM attacker on Mattermost to access the websocket...Read More ...
Continue Reading
February 01, 2024
Mattermost fails to properly validate the origin of a websocket connection allowing a MITM attacker on Mattermost to access the websocket...Read More ...
Continue Reading
February 01, 2024
When archiving a team, Mattermost fails to sanitize the related Websocket event sent to currently connected clients. This allows the clients to see the name, display name, description, and other data ...
Continue Reading
February 01, 2024
When archiving a team, Mattermost fails to sanitize the related Websocket event sent to currently connected clients. This allows the clients to see the name, display name, description, and other data ...
Continue Reading
February 01, 2024
When running in a High Availability configuration, Mattermost fails to sanitize some of the user_updated and post_deleted events broadcast to all users, leading to disclosure of sensitive information ...
Continue Reading
February 01, 2024
Back to Main
