3 matches found
CVE-2022-34784
Jenkins build-metrics Plugin 1.3 does not escape the build description on one of its views, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Build/Update permission...
CVE-2022-34784
Jenkins build-metrics Plugin 1.3 does not escape the build description on one of its views, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Build/Update permission...
PT-2022-22335 · Jenkins · Jenkins Build-Metrics Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins build-metrics Plugin version 1.3 Description: The issue is a stored cross-site scripting XSS vulnerability. It occurs because the build description on one of the views is not properly escaped, allowing attackers with Build/Update...