Lucene search
JenkinsCVELIST:CVE-2022-34184HistoryJun 22, 2022 - 2:41 p.m.
CVE-2022-34184
2022-06-2214:41:12
jenkins
www.cve.org
3
jenkins
crx content package deployer
stored xss
Jenkins CRX Content Package Deployer Plugin 1.9 and earlier does not escape the name and description of CRX Content Package Choice parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
CNA Affected
[
{
"product": "Jenkins CRX Content Package Deployer Plugin",
"vendor": "Jenkins project",
"versions": [
{
"lessThanOrEqual": "1.9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.9",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site scripting
2022-06-23 17:15:00
osv
osv
CVE-2022-34184
2022-06-23 17:15:16
Cross-site Scripting in Jenkins CRX Content Package Deployer Plugin
2022-06-24 00:00:31
cnvd
cnvd
cve
cve
CVE-2022-34184
2022-06-23 17:15:16
nvd
nvd
CVE-2022-34184
2022-06-23 17:15:16
github
github
Cross-site Scripting in Jenkins CRX Content Package Deployer Plugin
2022-06-24 00:00:31
nessus
nessus
Jenkins LTS < 2.332.4 / Jenkins weekly < 2.356 Multiple Vulnerabilities
2022-07-15 00:00:00
Jenkins Enterprise and Operations Center 2.303.x < 2.303.30.0.14 / 2.332.4.1 / 2.346.1.4 Multiple Vulnerabilities (CloudBees Security Advisory 2022-06-22)
2022-07-05 00:00:00
Jenkins plugins Multiple Vulnerabilities (2022-06-22)
2022-07-15 00:00:00