Lucene search
China National Vulnerability DatabaseCNVD-2022-72211HistoryMay 06, 2022 - 12:00 a.m.
Woodpecker Cross-Site Scripting Vulnerability
2022-05-0600:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
woodpecker
cross-site scripting
vulnerability
javascript
exploit
client side
EPSS
0.001
Percentile
26.2%
Woodpecker is a community branch of the Drone CI system. A cross-site scripting vulnerability exists in versions prior to Woodpecker 0.15.1, which stems from a missing escape in web/src/components/repo/build/BuildLog.vue. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
Related
osv
osv
Woodpecker allows cross-site scripting (XSS) via build logs in github.com/woodpecker-ci/woodpecker
2024-08-21 15:11:31
Woodpecker allows cross-site scripting (XSS) via build logs
2022-04-30 00:00:33
CVE-2022-29947
2022-04-29 21:15:07
github
github
Woodpecker allows cross-site scripting (XSS) via build logs
2022-04-30 00:00:33
cvelist
cvelist
CVE-2022-29947
2022-04-29 20:23:22
cve
cve
CVE-2022-29947
2022-04-29 21:15:07
nvd
nvd
CVE-2022-29947
2022-04-29 21:15:07
prion
prion
Cross site scripting
2022-04-29 21:15:00
veracode
veracode
Cross-Site Scripting (XSS)
2022-05-04 05:21:23