Stored XSS vulnerability in Jenkins Custom Checkbox Parameter Plugin

Custom Checkbox Parameter Plugin 1.4 and earlier does not escape the name and description of the parameter types it provides. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission. Exploitation of this vulnerability requires that...

CVE-2022-43425

Jenkins Custom Checkbox Parameter Plugin 1.4 and earlier does not escape the name and description of Custom Checkbox Parameter parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

CVE-2022-43425

Jenkins Custom Checkbox Parameter Plugin 1.4 and earlier does not escape the name and description of Custom Checkbox Parameter parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

Cross site scripting

Jenkins Custom Checkbox Parameter Plugin 1.4 and earlier does not escape the name and description of Custom Checkbox Parameter parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

CVE-2022-43425

CVE-2022-43425 affects Jenkins Custom Checkbox Parameter Plugin (versions ≤ 1.4). The issue is a stored XSS caused by not escaping the name/description of Custom Checkbox Parameter parameters on parameter-listing views, exploitable by users with Item/Configure permission. Exploitation requires pa...

Jenkins Custom Checkbox Parameter Plugin 跨站脚本漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A cross-site scripting...

PT-2022-26909 · Jenkins · Jenkins +1

Name of the Vulnerable Software and Affected Versions: Jenkins Custom Checkbox Parameter Plugin versions 1.4 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability, which can be exploited by attackers with Item/Configure permission. This occurs because the...

Jenkins Custom Checkbox Parameter Plugin Cross-Site Scripting Vulnerability

Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.A cross-site scripting vulnerability exists in Jenkins Custom Checkbox Parameter Plugin 1.1 and earlier versions, which ste...

CVE-2022-25189

Jenkins Custom Checkbox Parameter Plugin 1.1 and earlier does not escape parameter names of custom checkbox parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

CVE-2022-25189

CVE-2022-25189 : Jenkins Custom Checkbox Parameter Plugin 1.1 and earlier does not escape parameter names of custom checkbox parameters, causing stored XSS exploitable by attackers with Item/Configure permission. The plugin was updated in 1.2 to escape parameter names. Impact is stored XSS; explo...

PT-2022-17129 · Jenkins · Jenkins Custom Checkbox Parameter Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Custom Checkbox Parameter Plugin versions 1.1 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability. This is due to the plugin not escaping parameter names of custom checkbox parameters. Attacke...