Lucene search
PRIOn knowledge basePRION:CVE-2022-46687HistoryDec 12, 2022 - 9:15 a.m.
Cross site scripting
2022-12-1209:15:00
PRIOn knowledge base
www.prio-n.com
2
jenkins
spring config plugin
xss
0.001 Low
EPSS
Percentile
33.5%
Jenkins Spring Config Plugin 2.0.0 and earlier does not escape build display names shown on the Spring Config view, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to change build display names.
| CPE | Name | Operator | Version |
|---|---|---|---|
| spring_config | lt | 2.0.1 |
Related
cve
cve
CVE-2022-46687
2022-12-12 09:15:13
osv
osv
Cross-site Scripting in Jenkins Spring Config Plugin
2022-12-12 09:30:35
github
github
Cross-site Scripting in Jenkins Spring Config Plugin
2022-12-12 09:30:35
cvelist
cvelist
CVE-2022-46687
2022-12-07 00:00:00
nvd
nvd
CVE-2022-46687
2022-12-12 09:15:13
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2022-12-07)
2023-07-31 00:00:00