有新的漏洞组件被发现啦,组件ID:Eyou
A stored cross-site scripting (XSS) vulnerability in eyoucms v1.5.6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL field under the login page.

Eyoucms v1.5.6中的一个存储跨网站脚本(XSS)漏洞允许攻击者通过注入到登录页面下的 URL 字段中的一个精心制作的有效负载来执行任意的 web 脚本或 HTML。

有新的漏洞组件被发现啦,组件ID:Django
The django-navbar-client package of v0.9.50 to v1.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

发现 v0.9.50到 v1.0.1的 django-navbar-client 包通过请求包包含一个代码执行后门。此漏洞允许攻击者访问敏感的用户信息和数字货币密钥，以及升级特权。

有新的漏洞组件被发现啦,组件ID:Docker
Wire is a secure messaging application. Wire is vulnerable to arbitrary HTML and Javascript execution via insufficient escaping when rendering `@mentions` in the wire-webapp. If a user receives and views a malicious message, arbitrary code is injected and executed in the context of the victim allowing the attacker to fully control the user account. Wire-desktop clients that are connected to a vulnerable wire-webapp version are also vulnerable to this attack. The issue has been fixed in wire-webapp 2022-05-04-production.0 and is already deployed on all Wire managed services. On-premise instances of wire-webapp need to be updated to docker tag 2022-05-04-production.0-v0.29.7-0-a6f2ded or wire-server 2022-05-04 (chart/4.11.0) or later. No known workarounds exist.

Wire 是一个安全的消息传递应用程序。在 Wire-webapp 中呈现“@提及”时，由于转义不充分，Wire 容易受到任意 HTML 和 Javascript 执行的影响。如果用户接收并查看恶意消息，就会在受害者的上下文中注入并执行任意代码，从而允许攻击者完全控制用户帐户。连接到易受攻击的 wire-webapp 版本的有线桌面客户端也容易受到这种攻击。这个问题已经在 Wire-webapp 2022-05-04-production.0中得到解决

有新的漏洞组件被发现啦,组件ID:Apache
The www-data (Apache web server) account is configured to run sudo with no password for many commands (including /bin/sh and /bin/bash).

Www-data (Apache HTTP Server)帐户配置为运行 sudo，许多命令(包括/bin/sh 和/bin/bash)不需要密码。

有新的漏洞组件被发现啦,组件ID:Apache Tomcat
有新的漏洞组件被发现啦,组件ID:Apache
In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability.

在 Apache Tomcat 10.1.0-M1到10.1.0-M16,10.0.0-M1到10.0.22,9.0.30到9.0.64和8.5.50到8.5.81中，示例 web 应用中的 Form 身份验证示例显示用户未经过滤提供的数据，暴露了 XSS 漏洞。

有新的漏洞组件被发现啦,组件ID:OpenAm
The NT auth module in OpenAM before 14.6.6 allows a "replace Samba username attack."

OpenAM 在14.6.6之前的 NT auth 模块允许“替换 Samba 用户名攻击”

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins Squash TM Publisher (Squash4Jenkins) Plugin 1.0.0 and earlier stores passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.

Jenkins Squash TM Publisher (Squash4Jenkins) Plugin 1.0.0及更早版本的插件将未加密的密码存储在 Jenkins 控制器的全局配置文件中，用户可以通过访问 Jenkins 控制器文件系统查看这些密码。

有新的漏洞组件被发现啦,组件ID:Jenkins
A missing permission check in Jenkins vRealize Orchestrator Plugin 3.0 and earlier allows attackers with Overall/Read permission to send an HTTP POST request to an attacker-specified URL.

在 Jenkins vRealize Associator Plugin 3.0及更早版本中缺少的权限检查允许具有“总体/读”权限的攻击者向攻击者指定的 URL 发送 HTTP POST 请求。

有新的漏洞组件被发现啦,组件ID:Jenkins
A cross-site request forgery (CSRF) vulnerability in Jenkins vRealize Orchestrator Plugin 3.0 and earlier allows attackers to send an HTTP POST request to an attacker-specified URL.

詹金斯 vRealize 腰编者插件3.0及更早版本中的一个跨站请求伪造(CSRF)漏洞允许攻击者向攻击者指定的 URL 发送一个 HTTP POST 请求。

有新的漏洞组件被发现啦,组件ID:Jenkins
A missing permission check in Jenkins ThreadFix Plugin 1.5.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.

Jenkins ThreadFix Plugin 1.5.4及更早版本中缺少的权限检查允许具有“整体/读”权限的攻击者连接到攻击者指定的 URL。

有新的漏洞组件被发现啦,组件ID:Jenkins
A cross-site request forgery (CSRF) vulnerability in Jenkins ThreadFix Plugin 1.5.4 and earlier allows attackers to connect to an attacker-specified URL.

Jenkins ThreadFix Plugin 1.5.4及更早版本中的一个跨站请求伪造(CSRF)漏洞允许攻击者连接到攻击者指定的 URL。

有新的漏洞组件被发现啦,组件ID:Jenkins
A missing permission check in Jenkins Beaker builder Plugin 1.10 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.

Jenkins Beaker 构建器 Plugin 1.10及更早版本中缺少的权限检查允许具有“整体/读”权限的攻击者连接到攻击者指定的 URL。

有新的漏洞组件被发现啦,组件ID:Jenkins
A cross-site request forgery (CSRF) vulnerability in Jenkins Beaker builder Plugin 1.10 and earlier allows attackers to connect to an attacker-specified URL.

Jenkins Beaker 插件1.10及更早版本中的一个跨站请求伪造(CSRF)漏洞允许攻击者连接到攻击者指定的 URL。

有新的漏洞组件被发现啦,组件ID:Jenkins
A missing permission check in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers with Overall/Read permission to send HTTP POST requests to an attacker-specified URL.

Jenkins Jiliao Notification Plugin 1.1及更早版本中缺少的权限检查允许具有整体/读权限的攻击者向攻击者指定的 URL 发送 HTTP POST 请求。

有新的漏洞组件被发现啦,组件ID:Jenkins
A cross-site request forgery (CSRF) vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL.

詹金斯健辽通知插件1.1及更早版本中的一个跨站请求伪造(CSRF)漏洞允许攻击者向攻击者指定的 URL 发送 HTTP POST 请求。

有新的漏洞组件被发现啦,组件ID:Jenkins
A missing permission check in Jenkins EasyQA Plugin 1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server.

Jenkins EasyQA Plugin 1.0及更早版本中缺少的权限检查允许具有“整体/读”权限的攻击者连接到攻击者指定的 HTTP 服务器。

有新的漏洞组件被发现啦,组件ID:Jenkins
A cross-site request forgery (CSRF) vulnerability in Jenkins EasyQA Plugin 1.0 and earlier allows attackers to connect to an attacker-specified HTTP server.

Jenkins EasyQA Plugin 1.0及更早版本中的一个跨站请求伪造(CSRF)漏洞允许攻击者连接到攻击者指定的 HTTP 服务器。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins EasyQA Plugin 1.0 and earlier stores user passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.

Jenkins EasyQA Plugin 1.0和更早的版本将未加密的用户密码存储在 Jenkins 控制器的全局配置文件中，用户可以通过访问 Jenkins 控制器文件系统查看这些密码。

有新的漏洞组件被发现啦,组件ID:Jenkins
A missing permission check in Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.

Jenkins Convertigo Mobile Platform Plugin 1.1及更早版本中缺少的权限检查允许具有“整体/读”权限的攻击者连接到攻击者指定的 URL。

有新的漏洞组件被发现啦,组件ID:Jenkins
A cross-site request forgery (CSRF) vulnerability in Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier allows attackers to connect to an attacker-specified URL.

Jenkins Convertigo 移动平台插件1.1及更早版本中的一个跨站请求伪造(CSRF)漏洞允许攻击者连接到攻击者指定的 URL。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.

Jenkins Convertigo Mobile Platform Plugin 1.1和更早版本的插件将未加密的密码存储在作业 config.xml 文件中，存储在 Jenkins 控制器上，用户可以通过扩展阅读权限查看密码，或访问 Jenkins 控制器文件系统。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins Stash Branch Parameter Plugin 0.3.0 and earlier does not escape the name and description of Stash Branch parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

詹金斯存储分支参数插件0.3.0及更早版本的插件在视图显示参数时不会逃避存储分支参数的名称和描述，导致存储跨网站脚本(XSS)漏洞可被具有 Item/Configure 权限的攻击者利用。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins Sauce OnDemand Plugin 1.204 and earlier does not escape the name and description of Sauce Labs Browsers parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

Jenkins Sauce onDemand Plugin 1.204及更早版本的浏览器参数名称和描述不会在视图中显示参数，导致存储的跨网站脚本(XSS)漏洞可被具有 Item/Configure 权限的攻击者利用。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins REST List Parameter Plugin 1.5.2 and earlier does not escape the name and description of REST list parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

Jenkins REST 列表参数插件1.5.2及更早版本的插件在视图显示参数时不会逃避 REST 列表参数的名称和描述，导致存储的跨网站脚本(XSS)漏洞可被具有 Item/Configure 权限的攻击者利用。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins Repository Connector Plugin 2.2.0 and earlier does not escape the name and description of Maven Repository Artifact parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

Jenkins Repository Connector Plugin 2.2.0及更早版本的插件在视图显示参数时不会逃避 Maven Repository Artifact 参数的名称和描述，导致存储跨网站脚本(XSS)漏洞可被具有 Item/Configure 权限的攻击者利用。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins Readonly Parameter Plugin 1.0.0 and earlier does not escape the name and description of Readonly String and Readonly Text parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

Jenkins Readonly Parameter Plugin 1.0.0及更早版本的插件在视图显示参数时不会逃避 Readonly String 和 Readonly Text 参数的名称和描述，导致存储的跨网站脚本(XSS)漏洞可被具有 Item/Configure 权限的攻击者利用。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins Package Version Plugin 1.0.1 and earlier does not escape the name of Package version parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

Jenkins Package Version Plugin 1.0.1及更早版本的插件在视图显示参数时不会逃避 Package 版本参数的名称，导致存储跨网站脚本(XSS)漏洞可被具有 Item/Configure 权限的攻击者利用。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins ontrack Jenkins Plugin 4.0.0 and earlier does not escape the name of Ontrack: Multi Parameter choice, Ontrack: Parameter choice, and Ontrack: SingleParameter parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

Jenkins Ontrack Jenkins Plugin 4.0.0及更早版本的插件不能逃避 Ontrack 的名称: 多参数选择、 Ontrack: 参数选择和 Ontrack: 单参数视图上显示参数的参数，导致存储的跨网站脚本(XSS)漏洞可被具有 Item/Configure 权限的攻击者利用。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.77 and earlier does not escape the name of NetStorm Test parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

Jenkins NS-nd 集成性能发布插件4.8.0.77及更早版本的插件在视图显示参数时不能逃避 NetStorm 测试参数的名称，导致存储跨网站脚本(XSS)漏洞可被具有 Item/Configure 权限的攻击者利用。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins Maven Metadata Plugin for Jenkins CI server Plugin 2.1 and earlier does not escape the name and description of List maven artifact versions parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

Jenkins Maven Metadata Plugin for Jenkins CI server Plugin 2.1及更早的版本在视图显示参数时不能逃避列表 Maven 工件版本参数的名称和描述，导致存储的跨网站脚本(XSS)漏洞可被具有 Item/Configure 权限的攻击者利用。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins Image Tag Parameter Plugin 1.10 and earlier does not escape the name and description of Image Tag parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

詹金斯图像标记参数插件1.10及更早版本的插件在视图显示参数时不会逃避图像标记参数的名称和描述，导致存储的跨网站脚本(XSS)漏洞可被具有项目/配置权限的攻击者利用。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins Hidden Parameter Plugin 0.0.4 and earlier does not escape the name and description of Hidden Parameter parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

詹金斯隐藏参数插件0.0.4及更早版本在视图显示参数时不会逃避隐藏参数参数的名称和描述，导致存储跨网站脚本(XSS)漏洞可被具有 Item/Configure 权限的攻击者利用。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins Filesystem List Parameter Plugin 0.0.7 and earlier does not escape the name and description of File system objects list parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

詹金斯文件系统列表参数插件0.0.7及以前版本的文件系统对象列表参数的名称和描述不会在视图显示参数中转义，导致存储的跨网站脚本(XSS)漏洞可被具有 Item/Configure 权限的攻击者利用。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape the name and description of Moded Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

詹金斯动态扩展选择参数插件1.0.1及更早版本的插件在视图显示参数时不会逃避模式扩展选择参数的名称和描述，导致存储的跨网站脚本(XSS)漏洞可被具有 Item/Configure 权限的攻击者利用。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins Date Parameter Plugin 0.0.4 and earlier does not escape the name and description of Date parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

詹金斯日期参数插件0.0.4及更早版本的插件不会在视图显示参数时逃避日期参数的名称和描述，导致存储的跨网站脚本(XSS)漏洞可被具有 Item/Configure 权限的攻击者利用。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins CRX Content Package Deployer Plugin 1.9 and earlier does not escape the name and description of CRX Content Package Choice parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

Jenkins CRX Content Package Deployer Plugin 1.9及以前的版本在视图显示参数时没有逃避 CRX Content Package Choice 参数的名称和描述，导致存储的跨网站脚本(XSS)漏洞可被具有 Item/Configure 权限的攻击者利用。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins Agent Server Parameter Plugin 1.1 and earlier does not escape the name and description of Agent Server parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

Jenkins Agent Server Parameter Plugin 1.1及更早版本的代理服务器参数插件在视图显示参数时不会逃避代理服务器参数的名称和描述，导致存储跨网站脚本(XSS)漏洞可被具有 Item/Configure 权限的攻击者利用。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins Nested View Plugin 1.20 through 1.25 (both inclusive) does not escape search parameters, resulting in a reflected cross-site scripting (XSS) vulnerability.

Jenkins 嵌套视图插件1.20到1.25(两者都包含)不能逃避搜索参数，导致反射跨网站脚本(XSS)漏洞。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins xUnit Plugin 3.0.8 and earlier implements an agent-to-controller message that creates a user-specified directory if it doesn't exist, and parsing files inside it as test results, allowing attackers able to control agent processes to create an arbitrary directory on the Jenkins controller or to obtain test results from existing files in an attacker-specified directory.

Jenkins xUnit Plugin 3.0.8及更早版本实现了一个代理到控制器的消息，如果用户指定的目录不存在，就创建一个该目录，并将其中的文件解析为测试结果，允许攻击者能够控制代理进程在 Jenkins 控制器上创建一个任意目录，或者从攻击者指定目录中的现有文件中获得测试结果。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins Embeddable Build Status Plugin 2.0.3 and earlier does not correctly perform the ViewStatus permission check in the HTTP endpoint it provides for "unprotected" status badge access, allowing attackers without any permissions to obtain the build status badge icon for any attacker-specified job and/or build.

Jenkins Embeddable Build Status Plugin 2.0.3及更早版本没有正确地在 HTTP 端点执行 ViewStatus 权限检查，它提供了“ unprotected”状态徽章访问，允许没有任何权限的攻击者为任何攻击者指定的作业和/或构建获取构建状态徽章图标。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins Embeddable Build Status Plugin 2.0.3 and earlier allows specifying a `style` query parameter that is used to choose a different SVG image style without restricting possible values, resulting in a relative path traversal vulnerability that allows attackers without Overall/Read permission to specify paths to other SVG images on the Jenkins controller file system.

詹金斯嵌入式构建状态插件2.0.3及更早版本允许指定一个“样式”查询参数，用于选择不同的 SVG 图像样式而不限制可能的值，导致相对路径遍历漏洞，允许攻击者在没有“总体/读”权限的情况下指定到詹金斯控制器文件系统上其他 SVG 图像的路径。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins Embeddable Build Status Plugin 2.0.3 allows specifying a 'link' query parameter that build status badges will link to, without restricting possible values, resulting in a reflected cross-site scripting (XSS) vulnerability.

詹金斯嵌入式构建状态插件2.0.3允许指定一个“链接”查询参数，构建状态徽章将链接到这个参数，而不限制可能的值，从而导致反射跨网站脚本(XSS)漏洞。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins Pipeline: Input Step Plugin 448.v37cea_9a_10a_70 and earlier archives files uploaded for `file` parameters for Pipeline `input` steps on the controller as part of build metadata, using the parameter name without sanitization as a relative path inside a build-related directory, allowing attackers able to configure Pipelines to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content.

Jenkins 管道: 输入步骤插件448.v37cea _ 9a _ 10a _ 70和早期的归档文件上传到控制器上的“文件”参数为管道“输入”步骤作为构建元数据的一部分，使用参数名称而不消毒作为构建相关目录中的相对路径，允许攻击者能够配置管道在 Jenkins 控制器文件系统上创建或替换具有攻击者指定内容的任意文件。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins JUnit Plugin 1119.va_a_5e9068da_d7 and earlier does not escape descriptions of test results, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Run/Update permission.

Jenkins jUnit Plugin 1119.va _ a _ 5e9068da _ d7及更早版本的插件不能逃避测试结果的描述，导致存储的跨网站脚本(xSS)漏洞可被具有 Run/Update 权限的攻击者利用。

有新的漏洞组件被发现啦,组件ID:Jenkins
Jenkins 2.335 through 2.355 (both inclusive) allows attackers in some cases to bypass a protection mechanism, thereby directly accessing some view fragments containing sensitive information, bypassing any permission checks in the corresponding view.

Jenkins 2.335到2.355(两者都包含)允许攻击者在某些情况下绕过保护机制，从而直接访问一些包含敏感信息的视图片段，绕过相应视图中的任何权限检查。

有新的漏洞组件被发现啦,组件ID:Jenkins
In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login form allows distinguishing between login attempts with an invalid username, and login attempts with a valid username and wrong password, when using the Jenkins user database security realm.

在 Jenkins 2.355及更早版本、 LTS 2.332.3及更早版本中，当使用 Jenkins 用户数据库安全域时，在登录表单上可观察到的时间差异允许区分使用无效用户名的登录尝试和使用有效用户名和错误密码的登录尝试。

有新的漏洞组件被发现啦,组件ID:Jenkins
In Jenkins 2.340 through 2.355 (both inclusive) the tooltip of the build button in list views supports HTML without escaping the job display name, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.

在 Jenkins 2.340到2.355(两者都包括在内)中，列表视图中构建按钮的工具提示支持 HTML，而不会逃脱作业显示名称，导致一个跨网站脚本(XSS)漏洞可被攻击者利用，并获得作业/配置权限。

有新的漏洞组件被发现啦,组件ID:Jenkins
In Jenkins 2.340 through 2.355 (both inclusive) symbol-based icons unescape previously escaped values of 'tooltip' parameters, resulting in a cross-site scripting (XSS) vulnerability.

在 Jenkins 2.340到2.355(两者都包含)中，基于符号的图标 unescape 先前逃脱了“工具提示”参数的值，导致了一个跨网站脚本(XSS)漏洞。

有新的漏洞组件被发现啦,组件ID:Jenkins
In Jenkins 2.321 through 2.355 (both inclusive) and LTS 2.332.1 through LTS 2.332.3 (both inclusive) the HTML output generated for new symbol-based SVG icons includes the 'title' attribute of 'l:ionicon' (until Jenkins 2.334) and 'alt' attribute of 'l:icon' (since Jenkins 2.335) without further escaping, resulting in a cross-site scripting (XSS) vulnerability.

在詹金斯2.321至2.355(包含)和 LTS 2.332.1至 LTS 2.332.3(包含)中，为新的基于符号的 SVG 图标生成的 HTML 输出包括“ l: ionicon”的“ title”属性(直到詹金斯2.334)和“ l: icon”的“ alt”属性(自詹金斯2.335以来) ，没有进一步转义，导致跨网站脚本(XSS)漏洞。

有新的漏洞组件被发现啦,组件ID:Jenkins
In Jenkins 2.320 through 2.355 (both inclusive) and LTS 2.332.1 through LTS 2.332.3 (both inclusive) the help icon does not escape the feature name that is part of its tooltip, effectively undoing the fix for SECURITY-1955, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.

在 Jenkins 2.320到2.355(两者都包含)和 LTS 2.332.1到 LTS 2.332.3(两者都包含)中，帮助图标没有逃避工具提示中的特性名称，有效地撤销了对 SECURITY-1955的修复，导致了一个跨网站脚本(XSS)漏洞可被攻击者在 Job/Configure 许可下利用。

有新的漏洞组件被发现啦,组件ID:Apache
Apache Sling Commons Log <= 5.4.0 and Apache Sling API <= 2.25.0 are vulnerable to log injection. The ability to forge logs may allow an attacker to cover tracks by injecting fake logs and potentially corrupt log files.

Apache Sling Commons Log < = 5.4.0和 Apache Sling API < = 2.25.0都容易受到日志注入的影响。伪造日志的能力可能允许攻击者通过注入伪造日志和潜在的损坏日志文件来掩盖踪迹。

有新的漏洞组件被发现啦,组件ID:SaltStack
An issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2. PAM auth fails to reject locked accounts, which allows a previously authorized user whose account is locked still run Salt commands when their account is locked. This affects both local shell accounts with an active session and salt-api users that authenticate via PAM eauth.

在3002.9,3003.5,3004.2之前的版本中，在 SaltStack Salt 中发现了一个问题。PAM auth 无法拒绝锁定的帐户，这允许帐户被锁定的以前授权的用户在其帐户被锁定时仍然运行 Salt 命令。这会影响具有活动会话的本地 shell 帐户和通过 PAM eauth 进行身份验证的 salt-api 用户。

有新的漏洞组件被发现啦,组件ID:Apache
Versions of the Amazon AWS Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3.5 are affected by a race condition that could lead to a local privilege escalation. This Hotpatch package is not a replacement for updating to a log4j version that mitigates CVE-2021-44228 or CVE-2021-45046; it provides a temporary mitigation to CVE-2021-44228 by hotpatching the local Java virtual machines. To do so, it iterates through all running Java processes, performs several checks, and executes the Java virtual machine with the same permissions and capabilities as the running process to load the hotpatch. A local user could cause the hotpatch script to execute a binary with elevated privileges by running a custom java process that performs exec() of an SUID binary after the hotpatch has observed the process path and before it has observed its effective user ID.

在 Log4j-cve-2021-44228-hotpatch-1.3.5之前的亚马逊 AWS Apache Log4j hotpatch 包的版本受到竞态条件的影响，可能导致本地权限提升。这个 Hotpatch 软件包并不能替代升级到 log

有新的漏洞组件被发现啦,组件ID:Flask
A vulnerability in Antminer Monitor 0.50.0 exists because of backdoor or misconfiguration inside a settings file in flask server. Settings file has a predefined secret string, which would be randomly generated, however it is static.

Antminer Monitor 0.50.0中存在一个漏洞，这是由于烧瓶服务器中的设置文件中存在后门或配置错误。设置文件有一个预定义的秘密字符串，它将随机生成，但它是静态的。

有新的漏洞组件被发现啦,组件ID:ZCMS
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/ztliuyan_sendmail.php (when the attacker has admin authority) via the id parameter.

在2019年的美国精神病学会会议上发现了一个问题。在/admin/ztliuyan _ sendmail.php 中(当攻击者拥有管理权限时)通过 id 参数有一个 SQL 注入漏洞。

有新的漏洞组件被发现啦,组件ID:ZCMS
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendsms.php (when the attacker has dls_print authority) via a dlid cookie.

在2019年的美国精神病学会会议上发现了一个问题。在/dl/dl _ sendsms.php 中(当攻击者拥有 dls _ print 权限时)有一个 SQL 注入漏洞通过一个 dlidcookie。

有新的漏洞组件被发现啦,组件ID:ZCMS
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/deluser.php (when the attacker has admin authority) via the id parameter.

在2019年的美国精神病学会会议上发现了一个问题。在/admin/deluser.php 中(当攻击者拥有管理权限时)通过 id 参数有一个 SQL 注入漏洞。

有新的漏洞组件被发现啦,组件ID:ZCMS
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_download.php (when the attacker has dls_download authority) via the id parameter.

在2019年的美国精神病学会会议上发现了一个问题。在/user/dls _ download.php 中(当攻击者拥有 dls _ download 权限时)通过 id 参数有一个 SQL 注入漏洞。

有新的漏洞组件被发现啦,组件ID:ZCMS
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_print.php (when the attacker has dls_print authority) via the id parameter.

在2019年的美国精神病学会会议上发现了一个问题。在/user/dls _ print.php 中(当攻击者拥有 dls _ print 权限时)通过 id 参数有一个 SQL 注入漏洞。

有新的漏洞组件被发现啦,组件ID:ZCMS
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/showbad.php (when the attacker has admin authority) via the id parameter.

在2019年的美国精神病学会会议上发现了一个问题。在/admin/showbad.php 中(当攻击者拥有管理权限时)通过 id 参数有一个 SQL 注入漏洞。