Lucene search
Redhat.comRH:CVE-2022-45380HistoryNov 16, 2022 - 2:56 a.m.
CVE-2022-45380
2022-11-1602:56:07
redhat.com
access.redhat.com
18
flaw
junit jenkins plugin
stored xss attack
clickable links
test report output
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
33.4%
A flaw was found in the JUnit Jenkins Plugin. The affected version of the JUnit plugin converts HTTP(S) URLs in test report output to clickable links, which leads to a stored Cross-site scripting (XSS) attack.
Related
veracode
veracode
Cross-site Scripting (XSS)
2023-03-07 00:49:52
osv
osv
Jenkins JUnit Plugin subject to Cross-site Scripting via URL conversion
2022-11-16 12:00:22
CVE-2022-45380
2022-11-15 20:15:11
github
github
Jenkins JUnit Plugin subject to Cross-site Scripting via URL conversion
2022-11-16 12:00:22
alpinelinux
alpinelinux
CVE-2022-45380
2022-11-15 20:15:11
nvd
nvd
CVE-2022-45380
2022-11-15 20:15:11
cvelist
cvelist
CVE-2022-45380
2022-11-15 00:00:00
prion
prion
Cross site scripting
2022-11-15 20:15:00
cve
cve
CVE-2022-45380
2022-11-15 20:15:11
cbl_mariner
cbl_mariner
CVE-2022-45380 affecting package junit 4.13-5
2024-06-25 21:08:29
redhat
redhat
nessus
nessus
RHCOS 4 : OpenShift Container Platform 4.10.51 (RHSA-2023:0560)
2024-01-24 00:00:00
RHEL 8 : OpenShift Container Platform 4.9.56 (RHSA-2023:0777)
2024-04-23 00:00:00
RHEL 8 : OpenShift Container Platform 4.10.51 (RHSA-2023:0560)
2024-04-28 00:00:00
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
33.4%
Related for RH:CVE-2022-45380