Lucene search
JenkinsCVELIST:CVE-2022-28159HistoryMar 29, 2022 - 12:31 p.m.
CVE-2022-28159
2022-03-2912:31:25
jenkins
www.cve.org
4
cve-2022-28159
jenkins
tests selector plugin
cross-site scripting
Jenkins Tests Selector Plugin 1.3.3 and earlier does not escape the Properties File Path option for Choosing Tests parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
CNA Affected
[
{
"product": "Jenkins Tests Selector Plugin",
"vendor": "Jenkins project",
"versions": [
{
"lessThanOrEqual": "1.3.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.3.3",
"versionType": "custom"
}
]
}
]Related
cnvd
cnvd
Jenkins Tests Selector Pluginθ·¨η«θζ¬ζΌζ΄
2022-03-31 00:00:00
nvd
nvd
CVE-2022-28159
2022-03-29 13:15:10
cve
cve
CVE-2022-28159
2022-03-29 13:15:10
osv
osv
CVE-2022-28159
2022-03-29 13:15:10
Stored Cross-site Scripting vulnerability in Jenkins Tests Selector Plugin
2022-03-30 00:00:21
prion
prion
Cross site scripting
2022-03-29 13:15:00
github
github
Stored Cross-site Scripting vulnerability in Jenkins Tests Selector Plugin
2022-03-30 00:00:21
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2022-03-29)
2022-03-31 00:00:00