CVE-2022-30967

CVE-2022-30967 affects Jenkins by the Selection tasks Plugin (1.0 and earlier). The vulnerability is a stored XSS caused by not escaping the name and description of Script Selection task variable parameters on parameter-views, exploitable by users with Item/Configure permission. The connected doc...

PT-2022-20423 · Jenkins · Jenkins +1

Name of the Vulnerable Software and Affected Versions: Jenkins Selection tasks Plugin versions 1.0 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability, which is exploitable by attackers with Item/Configure permission. This occurs because the plugin does n...

Jenkins Selection tasks Plugin 跨站脚本漏洞

Jenkins and Jenkins Plugin are both open source products from Jenkins.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.A cross-site scripting vulnerability...

CloudBees Jenkins Selection tasks Plugin Arbitrary Command Execution Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . Jenkins Selection tasks Plugi...

CVE-2020-2276

Jenkins Selection tasks Plugin 1.0 and earlier executes a user-specified program on the Jenkins controller, allowing attackers with Job/Configure permission to execute an arbitrary system command on the Jenkins controller as the OS user that the Jenkins process is running as...

PT-2020-15505 · Jenkins · Jenkins Selection Tasks Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Selection tasks Plugin version 1.0 and earlier Description: The issue allows attackers with Job/Configure permission to execute an arbitrary system command on the Jenkins controller as the OS user that the Jenkins process is running a...