CVE-2022-43425

CVE-2022-43425 affects Jenkins Custom Checkbox Parameter Plugin (versions ≤ 1.4). The issue is a stored XSS caused by not escaping the name/description of Custom Checkbox Parameter parameters on parameter-listing views, exploitable by users with Item/Configure permission. Exploitation requires pa...

PT-2022-26909 · Jenkins · Jenkins +1

Name of the Vulnerable Software and Affected Versions: Jenkins Custom Checkbox Parameter Plugin versions 1.4 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability, which can be exploited by attackers with Item/Configure permission. This occurs because the...

Jenkins Custom Checkbox Parameter Plugin Cross-Site Scripting Vulnerability

Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.A cross-site scripting vulnerability exists in Jenkins Custom Checkbox Parameter Plugin 1.1 and earlier versions, which ste...

CVE-2022-25189

Jenkins Custom Checkbox Parameter Plugin 1.1 and earlier does not escape parameter names of custom checkbox parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

Jenkins 插件跨站脚本漏洞

Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.A cross-site scripting vulnerability exists in Jenkins Custom Checkbox Parameter Plugin 1.1 and earlier versions, which ste...