CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

CNVD•added 2022/05/19 12:0 a.m.•15 views

Jenkins Autocomplete Parameter Plugin跨站脚本漏洞（CNVD-2022-49967）

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Autocomplete Parameter Plugin 1.1 and earlier versions have a cross-si...

5.4CVSS2.1AI score0.00217EPSS

Exploits0References1

OSV•added 2022/05/18 12:0 a.m.•61 views

GHSA-CJ9J-V8JP-6HM9 Cross-site Scripting in Jenkins Autocomplete Parameter Plugin

Jenkins Autocomplete Parameter Plugin 1.1 and earlier references Dropdown Autocomplete parameter and Auto Complete String parameter names in an unsafe manner from Javascript embedded in view definitions, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with...

8CVSS5.6AI score0.00217EPSS

Exploits0References3

NVD•added 2022/05/17 3:15 p.m.•12 views

CVE-2022-30969

A cross-site request forgery CSRF vulnerability in Jenkins Autocomplete Parameter Plugin 1.1 and earlier allows attackers to execute arbitrary code without sandbox protection if the victim is an administrator...

8.8CVSS0.00115EPSS

Exploits0References1

NVD•added 2022/05/17 3:15 p.m.•28 views

CVE-2022-30961

Jenkins Autocomplete Parameter Plugin 1.1 and earlier does not escape the name of Dropdown Autocomplete and Auto Complete String parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS0.00217EPSS

Exploits0References1

Prion•added 2022/05/17 3:15 p.m.•14 views

Cross site scripting

3.5CVSS5.2AI score0.00217EPSS

Exploits0References1Affected Software1

Cvelist•added 2022/05/17 2:6 p.m.•11 views

CVE-2022-30969

9.3AI score0.00115EPSS

Exploits0References1

CVE•added 2022/05/17 2:6 p.m.•131 views

CVE-2022-30969

CVE-2022-30969 affects Jenkins Autocomplete Parameter Plugin (versions 1.1 and earlier). The issue is a CSRF flaw that can allow an administrator’s session to run arbitrary code without sandbox protection when visiting a malicious page. Impact per available data: high, with CVSS3.1 base score 8.8...

8.8CVSS9AI score0.00115EPSS

Exploits0References1Affected Software1

CNNVD•added 2022/05/17 12:0 a.m.•2 views

Jenkins Autocomplete Parameter Plugin 跨站脚本漏洞

5.4CVSS5.4AI score0.00217EPSS

Exploits0References3

Positive Technologies•added 2022/05/17 12:0 a.m.•2 views

PT-2022-20427 · Jenkins · Jenkins Autocomplete Parameter Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Autocomplete Parameter Plugin versions 1.1 and earlier Description: The issue is related to a stored cross-site scripting XSS vulnerability. It occurs because the plugin references certain parameter names in an unsafe manner from...

8CVSS5.4AI score0.00217EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by