Lucene search
China National Vulnerability DatabaseCNVD-2022-72211HistoryMay 06, 2022 - 12:00 a.m.
Woodpecker Cross-Site Scripting Vulnerability
2022-05-0600:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
0.001 Low
EPSS
Percentile
26.4%
Woodpecker is a community branch of the Drone CI system. A cross-site scripting vulnerability exists in versions prior to Woodpecker 0.15.1, which stems from a missing escape in web/src/components/repo/build/BuildLog.vue. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
| CPE | Name | Operator | Version |
|---|---|---|---|
| woodpecker woodpecker | lt | 0.15.1 |
Related
github
github
Woodpecker allows cross-site scripting (XSS) via build logs
2022-04-30 00:00:33
cve
cve
CVE-2022-29947
2022-04-29 21:15:07
osv
osv
Woodpecker allows cross-site scripting (XSS) via build logs
2022-04-30 00:00:33
CVE-2022-29947
2022-04-29 21:15:07
cvelist
cvelist
CVE-2022-29947
2022-04-29 20:23:22
nvd
nvd
CVE-2022-29947
2022-04-29 21:15:07
veracode
veracode
Cross-Site Scripting (XSS)
2022-05-04 05:21:23
prion
prion
Cross site scripting
2022-04-29 21:15:00