Lucene search
K

275 matches found

OSV
OSV
added 2022/06/23 5:15 p.m.3 views

CVE-2022-34183

Jenkins Agent Server Parameter Plugin 1.1 and earlier does not escape the name and description of Agent Server parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS6.3AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/23 5:15 p.m.3 views

CVE-2022-34183

Jenkins Agent Server Parameter Plugin 1.1 and earlier does not escape the name and description of Agent Server parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS6.2AI score0.00602EPSS
Exploits0References2
OSV
OSV
added 2022/06/23 5:15 p.m.25 views

CVE-2022-34186

Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape the name and description of Moded Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS5.3AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/23 5:15 p.m.3 views

CVE-2022-34188

Jenkins Hidden Parameter Plugin 0.0.4 and earlier does not escape the name and description of Hidden Parameter parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS6.2AI score0.00602EPSS
Exploits0References2
OSV
OSV
added 2022/06/23 5:15 p.m.22 views

CVE-2022-34196

Jenkins REST List Parameter Plugin 1.5.2 and earlier does not escape the name and description of REST list parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS5.3AI score
Exploits0References1
Prion
Prion
added 2022/06/23 5:15 p.m.16 views

Cross site scripting

Jenkins Filesystem List Parameter Plugin 0.0.7 and earlier does not escape the name and description of File system objects list parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

3.5CVSS5.3AI score0.00738EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/06/23 5:15 p.m.28 views

Cross site scripting

Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape the name and description of Moded Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

3.5CVSS5.2AI score0.00753EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/06/23 5:15 p.m.21 views

Cross site scripting

Jenkins Agent Server Parameter Plugin 1.1 and earlier does not escape the name and description of Agent Server parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

3.5CVSS5.3AI score0.00602EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/06/23 5:15 p.m.14 views

Cross site scripting

Jenkins Readonly Parameter Plugin 1.0.0 and earlier does not escape the name and description of Readonly String and Readonly Text parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

3.5CVSS5.2AI score0.00602EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/06/23 5:15 p.m.17 views

Cross site scripting

Jenkins REST List Parameter Plugin 1.5.2 and earlier does not escape the name and description of REST list parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

3.5CVSS5.2AI score0.00753EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/06/23 5:15 p.m.17 views

Cross site scripting

Jenkins Hidden Parameter Plugin 0.0.4 and earlier does not escape the name and description of Hidden Parameter parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

3.5CVSS5.2AI score0.00602EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/06/22 2:41 p.m.107 views

CVE-2022-34198

The CVE-2022-34198 issue affects Jenkins Stash Branch Parameter Plugin (0.3.0 and earlier). Root cause: the plugin does not escape the name and description of Stash Branch parameters on parameter-displaying views, enabling stored XSS. Impact: attackers with Item/Configure permission can exploit s...

5.4CVSS5.2AI score0.0071EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/06/22 2:41 p.m.22 views

CVE-2022-34196

Jenkins REST List Parameter Plugin 1.5.2 and earlier does not escape the name and description of REST list parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

6.8AI score0.00753EPSS
Exploits0References1
CVE
CVE
added 2022/06/22 2:41 p.m.96 views

CVE-2022-34196

CVE-2022-34196 affects Jenkins with the REST List Parameter Plugin prior to 1.6.0. The plugin does not escape the name and description of REST list parameters on parameter-displaying views, causing a stored XSS vulnerability exploitable by attackers who have Item/Configure permission. Connected a...

5.4CVSS5.2AI score0.00753EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/06/22 2:41 p.m.19 views

CVE-2022-34194

Jenkins Readonly Parameter Plugin 1.0.0 and earlier does not escape the name and description of Readonly String and Readonly Text parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

6.8AI score0.00602EPSS
Exploits0References1
CVE
CVE
added 2022/06/22 2:41 p.m.119 views

CVE-2022-34189

CVE-2022-34189 – Jenkins Image Tag Parameter Plugin : The plugin (1.10 and earlier) fails to escape the name and description of Image Tag parameters on parameter-displaying views, causing stored XSS. Exploitation requires Item/Configure permission and listing parameters on a page (e.g., Build Wit...

5.4CVSS5.2AI score0.00602EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/06/22 2:41 p.m.17 views

CVE-2022-34188

Jenkins Hidden Parameter Plugin 0.0.4 and earlier does not escape the name and description of Hidden Parameter parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

6.8AI score0.00602EPSS
Exploits0References1
CVE
CVE
added 2022/06/22 2:41 p.m.97 views

CVE-2022-34188

CVE-2022-34188 describes a stored XSS vulnerability in Jenkins Hidden Parameter Plugin versions 0.0.4 and earlier, where the plugin fails to escape the name and description of Hidden Parameter parameters on parameter-displaying views. This allows attackers with Item/Configure permission to inject...

5.4CVSS5.2AI score0.00602EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/06/22 2:41 p.m.32 views

CVE-2022-34187

Jenkins Filesystem List Parameter Plugin 0.0.7 and earlier does not escape the name and description of File system objects list parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

6.9AI score0.00738EPSS
Exploits0References1
CVE
CVE
added 2022/06/22 2:41 p.m.90 views

CVE-2022-34187

CVE-2022-34187 affects Jenkins Filesystem List Parameter Plugin, version 0.0.7 and earlier. It is a stored cross-site scripting (XSS) vulnerability in the name/description of File system objects list parameters on parameter-enabled views, exploitable by attackers with Item/Configure permission. M...

5.4CVSS5.2AI score0.00738EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder