Lucene search
HistoryNov 15, 2022 - 8:15 p.m.
CVE-2022-45380
jenkins
junit plugin
vulnerability
url handling
cross-site scripting
xss
stored
http
https
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
33.3%
Jenkins JUnit Plugin 1159.v0b_396e1e07dd and earlier converts HTTP(S) URLs in test report output to clickable links in an unsafe manner, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
Affected configurations
Node
jenkinsjunitRange<1160.vf1f01a_a_ea_b_7fjenkins
Related
veracode
veracode
Cross-site Scripting (XSS)
2023-03-07 00:49:52
osv
osv
Jenkins JUnit Plugin subject to Cross-site Scripting via URL conversion
2022-11-16 12:00:22
CVE-2022-45380
2022-11-15 20:15:11
github
github
Jenkins JUnit Plugin subject to Cross-site Scripting via URL conversion
2022-11-16 12:00:22
redhatcve
redhatcve
CVE-2022-45380
2022-11-16 02:56:07
alpinelinux
alpinelinux
CVE-2022-45380
2022-11-15 20:15:11
prion
prion
Cross site scripting
2022-11-15 20:15:00
cve
cve
CVE-2022-45380
2022-11-15 20:15:11
cvelist
cvelist
CVE-2022-45380
2022-11-15 00:00:00
cbl_mariner
cbl_mariner
CVE-2022-45380 affecting package junit 4.13-5
2024-09-28 16:03:15
nessus
nessus
RHCOS 4 : OpenShift Container Platform 4.10.51 (RHSA-2023:0560)
2024-01-24 00:00:00
RHEL 8 : OpenShift Container Platform 4.10.51 (RHSA-2023:0560)
2024-04-28 00:00:00
RHCOS 4 : OpenShift Container Platform 4.9.56 (RHSA-2023:0777)
2024-01-24 00:00:00
redhat
redhat
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
33.3%
Related for NVD:CVE-2022-45380