Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:40 p.m.8 views

CVE-2022-28149

Jenkins Job and Node ownership Plugin 0.13.0 and earlier does not escape the names of the secondary owners, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS5.4AI score0.00792EPSS
Exploits0References1
Circl
Circl
added 2022/03/29 4:41 p.m.6 views

CVE-2022-28149

creationtimestamp| type| source ---|---|--- 2022-03-29 16:41:11+00:00| seen| https://t.me/cibsecurity/39723...

5.4CVSS5.5AI score0.00792EPSS
Exploits0References1
NVD
NVD
added 2022/03/29 1:15 p.m.27 views

CVE-2022-28149

Jenkins Job and Node ownership Plugin 0.13.0 and earlier does not escape the names of the secondary owners, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS0.00792EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/03/29 1:15 p.m.5 views

CVE-2022-28149

Jenkins Job and Node ownership Plugin 0.13.0 and earlier does not escape the names of the secondary owners, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS5.8AI score0.00792EPSS
Exploits0References3
OSV
OSV
added 2022/03/29 1:15 p.m.18 views

CVE-2022-28149

Jenkins Job and Node ownership Plugin 0.13.0 and earlier does not escape the names of the secondary owners, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS5.6AI score
Exploits0References2
CVE
CVE
added 2022/03/29 12:31 p.m.124 views

CVE-2022-28149

CVE-2022-28149 affects Jenkins “Job and Node ownership” Plugin (versions 0.13.0 and earlier). The issue arises because secondary owner names are not escaped, causing stored XSS. Exploitation requires Item/Configure permission to trigger JavaScript execution in the client. No remediation details a...

5.4CVSS5.2AI score0.00792EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/03/29 12:31 p.m.36 views

CVE-2022-28149

Jenkins Job and Node ownership Plugin 0.13.0 and earlier does not escape the names of the secondary owners, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.7AI score0.00792EPSS
Exploits0References2
Rows per page
Query Builder