Lucene search
China National Vulnerability DatabaseCNVD-2022-08040HistoryJan 16, 2022 - 12:00 a.m.
Jenkins Badge Plugin Cross-Site Scripting Vulnerability
2022-01-1600:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
0.001 Low
EPSS
Percentile
22.2%
Jenkins is a Jenkins open source application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Badge Plugin in version 1.9 and earlier has a cross-site scripting vulnerability, which stems from a lack of data validation filtering of user-supplied data and output. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jenkins badge plugin | le | 1.9 |
Related
osv
osv
Stored XSS vulnerability in Jenkins Badge Plugin
2022-01-13 00:00:54
CVE-2022-23108
2022-01-12 20:15:09
prion
prion
Cross site scripting
2022-01-12 20:15:00
github
github
Stored XSS vulnerability in Jenkins Badge Plugin
2022-01-13 00:00:54
cvelist
cvelist
CVE-2022-23108
2022-01-12 19:06:08
cve
cve
CVE-2022-23108
2022-01-12 20:15:09
nvd
nvd
CVE-2022-23108
2022-01-12 20:15:09
nessus
nessus
Jenkins Enterprise and Operations Center < 2.277.43.0.5 / 2.319.2.5 Multiple Vulnerabilities (CloudBees Security Advisory 2022-01-12)
2022-02-15 00:00:00
Jenkins LTS < 2.319.2 / Jenkins weekly < 2.330 Multiple Vulnerabilities
2022-01-21 00:00:00
Jenkins plugins Multiple Vulnerabilities (2022-01-12)
2022-01-21 00:00:00