Lucene search
+L

27 matches found

Cvelist
Cvelist
added 2022/05/17 2:6 p.m.39 views

CVE-2022-30961

Jenkins Autocomplete Parameter Plugin 1.1 and earlier does not escape the name of Dropdown Autocomplete and Auto Complete String parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.7AI score0.0073EPSS
Exploits0References1
CVE
CVE
added 2022/05/17 2:6 p.m.102 views

CVE-2022-30961

CVE-2022-30961 : Jenkins Autocomplete Parameter Plugin (versions 1.1 and earlier) exposes a stored XSS vulnerability. The plugin does not escape the names of Dropdown Autocomplete and Auto Complete String parameters on views where parameters are displayed, allowing an attacker with Item/Configure...

5.4CVSS5.4AI score0.0073EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/05/17 12:0 a.m.4 views

PT-2022-20417 · Jenkins · Jenkins +1

Name of the Vulnerable Software and Affected Versions: Jenkins Autocomplete Parameter Plugin versions 1.1 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability due to the failure to escape the name of Dropdown Autocomplete and Auto Complete String parameter...

5.4CVSS5.8AI score0.0073EPSS
Exploits0References7
CNNVD
CNNVD
added 2022/05/17 12:0 a.m.7 views

Jenkins Autocomplete Parameter Plugin 跨站脚本漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. The vulnerability stems from the program not properly escaping the names of th...

5.4CVSS5.4AI score0.0073EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/05/17 12:0 a.m.3 views

PT-2022-20425 · Jenkins · Jenkins Autocomplete Parameter Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Autocomplete Parameter Plugin versions 1.1 and earlier Description: A cross-site request forgery CSRF issue allows attackers to execute arbitrary code without sandbox protection if the victim is an administrator. Recommendations: For...

8.8CVSS9.1AI score0.00836EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/05/17 12:0 a.m.5 views

Jenkins Autocomplete Parameter Plugin 跨站请求伪造漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. The vulnerability can be exploited to execute arbitrary code without sandbox...

8.8CVSS8.3AI score0.00836EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/05/17 12:0 a.m.7 views

PT-2022-20427 · Jenkins · Jenkins Autocomplete Parameter Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Autocomplete Parameter Plugin versions 1.1 and earlier Description: The issue is related to a stored cross-site scripting XSS vulnerability. It occurs because the plugin references certain parameter names in an unsafe manner from...

8CVSS5.4AI score0.00749EPSS
Exploits0References7
Rows per page
Query Builder