The vulnerability of the Jenkins Dynamic Extended Choice Parameter Plugin exists due to the lack of measures taken to protect the structure of web pages. This allows attackers to carry out XSS attacks.

The vulnerability of the Jenkins Dynamic Extended Choice Parameter Plugin exists due to the lack of security measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform XSS attacks remotely...

Stored XSS vulnerability in Jenkins Dynamic Extended Choice Parameter plugin

Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape several fields of Moded Extended Choice parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

GHSA-JVVX-HMMR-RHGG Stored XSS vulnerability in Jenkins Dynamic Extended Choice Parameter plugin

Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape several fields of Moded Extended Choice parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

CVE-2022-36902

Jenkins Dynamic Extended Choice Parameter Plugin versions 1.0.1 and earlier are affected by a stored XSS vulnerability in Moded Extended Choice parameters because several fields are not escaped. This can be exploited by attackers with Item/Configure permissions. Affected products: Jenkins Dynamic...

GHSA-7558-6Q45-6X7M Cross-site Scripting in Jenkins Dynamic Extended Choice Parameter Plugin

Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape the name and description of Moded Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

CVE-2022-34186

Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape the name and description of Moded Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

CVE-2022-34186

The CVE-2022-34186 entry concerns the Jenkins Dynamic Extended Choice Parameter Plugin (version 1.0.1 and earlier), where the plugin does not escape the name and description of Moded Extended Choice parameters on parameter views. This creates a stored XSS vulnerability exploitable by attackers wi...

Jenkins Plugin Dynamic Extended Choice Parameter 跨站脚本漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Dynamic Extended Choice Parameter Plugin version 1.0.1 and prior...

com.antelink.reporter.jenkins.plugin:AntepediaReporter-CI-plugin (>=1.7 <=1.8), com.dubture.jenkins:digitalocean-plugin (>=0.1 <=0.2) +39 more potentially affected by CVE-2014-2058 via org.jenkins-ci.main:jenkins-core (>=1.533 <=1.550)

org.jenkins-ci.main:jenkins-core MAVEN version =1.533, =1.7, =0.1, =1.53, =1.0.0, =0.1, =1.533, =1.533, =1.533, =1.533, =0.1.3, =0.1.5 and more Source cves: CVE-2014-2058 Source advisory: OSV:GHSA-7FPG-PP3M-H22F...

CVE-2020-2124

Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2020-2124

Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2020-2124

CVE-2020-2124 affects Jenkins Dynamic Extended Choice Parameter Plugin (versions ≤ 1.0.1). The vulnerability: passwords are stored unencrypted in job config.xml files on the Jenkins master, allowing access by users with Extended Read permission or master FS access. Impact is exposure of stored cr...