CVE-2022-25202
Jenkins Promoted Builds Simple Plugin 1.9 and earlier does not escape the name of custom promotion levels, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission...
CVE-2022-30965
Jenkins Promoted Builds Simple Plugin 1.9 and earlier does not escape the name and description of Promotion Level parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission...
PT-2022-20421 · Jenkins · Jenkins Promoted Builds (Simple) Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Promoted Builds Simple Plugin versions 1.9 and earlier
Description: The issue is related to a stored cross-site scripting (XSS) vulnerability. It occurs because the name and description of Promotion Level parameters on views displaying...
GHSA-V98R-GJGC-M9PF Stored Cross-site Scripting vulnerability in Jenkins Promoted Builds Plugin
Jenkins promoted builds Plugin 873.v6149dbd64130 and earlier, except 3.10.1, does not escape the name and description of Promoted Build parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-29045
Jenkins promoted builds Plugin 873.v6149dbd64130 and earlier, except 3.10.1, does not escape the name and description of Promoted Build parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission...
Jenkins Promoted Builds Plugin Security Bypass Vulnerability
Jenkins is an open source continuous integration tool developed in Java. A security vulnerability exists in the Status.java and ManualCondition.java files in Jenkins Promoted Builds Plugin 2.31.1 and earlier versions, which stems from a program that makes it...