CVE-2022-34786

Jenkins Rich Text Publisher Plugin 1.4 and earlier does not escape the HTML message set by its post-build step, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs...

Jenkins plugins Multiple Vulnerabilities (2022-06-30)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins GitLab Plugin 1.5.34 and earlier does not escape multiple fields inserted into the description of webhook-triggered builds, resulti...

Cross-site Scripting in Jenkins Rich Text Publisher Plugin

Jenkins Rich Text Publisher Plugin 1.4 and earlier does not escape the HTML message set by its post-build step, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs...

CVE-2022-34786

Jenkins Rich Text Publisher Plugin 1.4 and earlier does not escape the HTML message set by its post-build step, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs...

CVE-2022-34786

Jenkins Rich Text Publisher Plugin 1.4 and earlier does not escape the HTML message set by its post-build step, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs...

Cross site scripting

Jenkins Rich Text Publisher Plugin 1.4 and earlier does not escape the HTML message set by its post-build step, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs...

CVE-2022-34786

CVE-2022-34786 affects Jenkins Rich Text Publisher Plugin (versions 1.4 and earlier). The issue is that the plugin does not escape the HTML in the message set by its post-build step, causing stored cross-site scripting (XSS) when an attacker can configure jobs. The Red Hat and other connected doc...

CVE-2022-34786

Jenkins Rich Text Publisher Plugin 1.4 and earlier does not escape the HTML message set by its post-build step, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs...

Jenkins Plugin Rich Text Publisher 跨站脚本漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. The vulnerability stems from not escaping HTML messages set by its post-build...

PT-2022-22337 · Jenkins · Jenkins Rich Text Publisher Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Rich Text Publisher Plugin versions 1.4 and earlier Description: The issue is related to a stored cross-site scripting XSS vulnerability. It occurs because the HTML message set by the post-build step is not escaped, allowing attackers...