4 matches found
CVE-2022-36902
Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape several fields of Moded Extended Choice parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
Jenkins Dynamic Extended Choice Parameter Plugin 跨站脚本漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A cross-site scripting...
PT-2022-22054 · Jenkins · Jenkins Dynamic Extended Choice Parameter Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Dynamic Extended Choice Parameter Plugin versions 1.0.1 and earlier Description: The issue is a stored cross-site scripting XSS vulnerability that occurs because the plugin does not escape the name and description of Moded Extended...
com.moded.extendedchoiceparameter:dynamic_extended_choice_parameter (>=1.0.0 <=1.0.1) potentially affected by CVE-2021-21624 via org.jenkins-ci.plugins:role-strategy (=2.1.0)
org.jenkins-ci.plugins:role-strategy MAVEN version =2.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:role-strategy and may be impacted: - com.moded.extendedchoiceparameter:dynamicextendedchoiceparameter =1.0.0, =1.0.1 Source...