Cross site scripting

2022-06-3018:15:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

22.2%

JSON

Jenkins Rich Text Publisher Plugin 1.4 and earlier does not escape the HTML message set by its post-build step, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure jobs.

CPENameOperatorVersion
rich_text_publisherle1.4

CPE	Name	Operator	Version
	rich_text_publisher	le	1.4

References

www.jenkins.io/security/advisory/2022-06-30/

0.001 Low

EPSS

Percentile

22.2%

JSON

Related for PRION:CVE-2022-34786