Jenkins Embeddable Build Status Plugin 2.0.3 allows specifying a ‘link’ query parameter that build status badges will link to, without restricting possible values, resulting in a reflected cross-site scripting (XSS) vulnerability. (CVSS:4.3) (Last Update:2022-06-29)Latest security vulnerabilities (Cross Site Scripting (XSS)) (CVSS score >= 4) Read More
CE Phoenix 1.0.8.20 Remote Code Execution
CE Phoenix version 1.0.8.20 remote code execution exploit written in Python. Exploit Files ≈ Packet Storm