CVE-2022-29038

Jenkins Extended Choice Parameter Plugin 346.vd87693c5a86c and earlier does not escape the name and description of Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

CVE-2022-29038

Jenkins Extended Choice Parameter Plugin 346.vd87693c5a86c and earlier does not escape the name and description of Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

PT-2022-19377 · Jenkins · Jenkins Extended Choice Parameter Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Extended Choice Parameter Plugin versions 346.vd87693c5a 86c and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability due to the failure to escape the name and description of Extended Choice...

CVE-2022-27204

A cross-site request forgery vulnerability in Jenkins Extended Choice Parameter Plugin 346.vd87693c5a86c and earlier allows attackers to connect to an attacker-specified URL...

CVE-2022-27203

Jenkins Extended Choice Parameter Plugin 346.vd87693c5a86c and earlier allows attackers with Item/Configure permission to read values from arbitrary JSON and Java properties files on the Jenkins controller...

Jenkins Plugin Extended Choice Parameter 路径遍历漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.Jenkins Extended Choice Parameter Plugin...

Jenkins Extended Choice Parameter Plugin跨站脚本漏洞

Jenkins and Jenkins Plugin are both products of Jenkins. jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. The vulnerability stems from the plugin's failure to escape the value and description ...

Jenkins Extended Choice Parameter Plugin 权限许可和访问控制问题漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Extended Choice Parameter Plugin is vulnerable to a permission...

CloudBees Jenkins Dynamic Extended Choice Parameter plugin memory corruption vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . A memory corruption vulnerability exists in CloudBees Jenkins Dynamic Extended Choice Parameter Plugin, which can be exploited by an attacker to read the privileg...