CVE-2022-41253 The Jenkins CONS3RT Plugin 1.0.0 and earlier has a CSRF vulnerability that allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method.
This CSRF vulnerability can be exploited by an attacker who controls a target Jenkins installation and configures the plugin to pass login credentials to another
CVE-2022-40754 The webserver's `/confirm` endpoint had an open redirect.
This would redirect a user to their email if they had requested a confirmation link. This was fixed in 2.3.5. Upgrading to 2.
CVE-2022-40604 Airflow url had formatting issue, allowing for information extraction.
The following flow was not escaping all text within it, allowing for cross site scripting (XSS) attacks. `<a href="<%= request.getPathName() %>">`
CVE-2022-35957 Grafana is an open-source platform for monitoring and observability
There is a critical vulnerability in all versions of Grafana from 8.5.13 to 9.1.6 that can be exploited by an anonymous
CVE-2022-33735 There is a password verification vulnerability in WS7200-10 11.0.2.13
There is a cross-site scripting (XSS) vulnerability in WS7200-10 11.0.2.13. An attacker can inject malicious code into the Web page, which may