Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier does not escape the name and description of Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Alpine | 3.15-community | noarch | jenkins | = 2.319.3-r0 | UNKNOWN |
Alpine | 3.16-community | noarch | jenkins | = 2.346.2-r0 | UNKNOWN |
Alpine | 3.17-community | noarch | jenkins | = 2.361.2-r0 | UNKNOWN |
Alpine | 3.18-community | noarch | jenkins | = 2.387.3-r0 | UNKNOWN |
Alpine | edge-community | noarch | jenkins | = 2.440.2-r0 | UNKNOWN |
Alpine | 3.19-community | noarch | jenkins | = 2.440.3-r0 | UNKNOWN |