Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2022/08/19 5:14 a.m.563 views

CVE-2022-34171

In Jenkins 2.321 through 2.355 both inclusive and LTS 2.332.1 through LTS 2.332.3 both inclusive the HTML output generated for new symbol-based SVG icons includes the 'title' attribute of 'l:ionicon' until Jenkins 2.334 and 'alt' attribute of 'l:icon' since Jenkins 2.335 without further escaping,...

6.1CVSS0.6AI score0.01361EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/06/24 12:0 a.m.21 views

Jenkins 2.321 < 2.356, 2.332.1 LTS < 2.332.4 LTS XSS Vulnerability (SECURITY-2761) - Windows

Jenkins is prone to a cross-site scripting XSS vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

5.4CVSS5.5AI score0.01361EPSS
Exploits0References1
Circl
Circl
added 2022/06/23 8:35 p.m.6 views

CVE-2022-34171

creationtimestamp| type| source ---|---|--- 2022-06-23 20:35:51+00:00| seen| https://t.me/cibsecurity/45009...

5.4CVSS5.4AI score0.01361EPSS
Exploits0References1
NVD
NVD
added 2022/06/23 5:15 p.m.16 views

CVE-2022-34171

In Jenkins 2.321 through 2.355 both inclusive and LTS 2.332.1 through LTS 2.332.3 both inclusive the HTML output generated for new symbol-based SVG icons includes the 'title' attribute of 'l:ionicon' until Jenkins 2.334 and 'alt' attribute of 'l:icon' since Jenkins 2.335 without further escaping,...

5.4CVSS0.01361EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/06/23 12:0 a.m.54 views

FreeBSD : jenkins -- multiple vulnerabilities (25be46f0-f25d-11ec-b62a-00e081b7aa2d)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 25be46f0-f25d-11ec-b62a-00e081b7aa2d advisory. - In Jenkins 2.320 through 2.355 both inclusive and LTS 2.332.1 through LTS 2.332.3 both...

7.5CVSS6.1AI score0.01361EPSS
Exploits0References8
CVE
CVE
added 2022/06/22 2:40 p.m.154 views

CVE-2022-34171

CVE-2022-34171 – Jenkins XSS in icon HTML output : Affected Jenkins core versions: 2.321–2.355 and LTS 2.332.1–2.332.3. The HTML output for new symbol-based SVG icons exposes the title attribute of l:ionicon and the alt attribute of l:icon without proper escaping, enabling cross-site scripting vi...

5.4CVSS5.3AI score0.01361EPSS
Exploits0References1Affected Software1
AlpineLinux
AlpineLinux
added 2022/06/22 2:40 p.m.76 views

CVE-2022-34171

In Jenkins 2.321 through 2.355 both inclusive and LTS 2.332.1 through LTS 2.332.3 both inclusive the HTML output generated for new symbol-based SVG icons includes the 'title' attribute of 'l:ionicon' until Jenkins 2.334 and 'alt' attribute of 'l:icon' since Jenkins 2.335 without further escaping,...

5.4CVSS5.6AI score0.01361EPSS
Exploits0
Rows per page
Query Builder