Logo
Lucene search
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
SIGN IN

Build Step Plugin Security Vulnerabilities

NVD CVE

CVE-2023-25762

Jenkins Pipeline: Build Step Plugin 2.18 and earlier does not escape job names in a JavaScript expression used in the Pipeline Snippet Generator, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control job...

5.4 CVSS

5.2 AI Score

0.001 EPSS

2023-02-15 02:15 PM
84
NVD CVE

CVE-2022-25184

Jenkins Pipeline: Build Step Plugin 2.15 and earlier reveals password parameter default values when generating a pipeline script using the Pipeline Snippet Generator, allowing attackers with Item/Read permission to retrieve the default password parameter value from...

6.5 CVSS

3.8 AI Score

0.001 EPSS

2022-02-15 05:15 PM
151