4 matches found

RedhatCVE
added 2025/05/22 11:59 p.m. · 4 views

CVE-2022-43420

Jenkins Contrast Continuous Application Security Plugin 3.9 and earlier does not escape data returned from the Contrast service when generating a report, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control or modify Contrast service API responses...

5.4 CVSS · 5.4 AI score · 0.11715 EPSS
Exploits 0 · References 1
Github Security Blog
added 2022/10/19 7:00 p.m. · 29 views

Stored XSS vulnerability in Jenkins Contrast Continuous Application Security Plugin

Contrast Continuous Application Security Plugin 3.9 and earlier does not escape data returned from the Contrast service when generating a report. This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control or modify Contrast service API responses...

5.4 CVSS · 5.4 AI score · 0.11715 EPSS
Exploits 0 · References 5 · Affected Software 1
CNNVD
added 2022/10/19 12:00 a.m. · 2 views

Jenkins Contrast Continuous Application Security Plugin Cross-Site Scripting Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is a software application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A cross-site scripting...

5.4 CVSS · 5.5 AI score · 0.11715 EPSS
Exploits 0 · References 5
Positive Technologies
added 2022/10/19 12:00 a.m. · 3 views

PT-2022-26905 · Jenkins · Jenkins Contrast Continuous Application Security Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Contrast Continuous Application Security Plugin versions 3.9 and earlier

Description: The issue is related to a stored cross-site scripting (XSS) vulnerability. It occurs because the plugin does not escape data returned from the Contras...

7.5 CVSS · 5.1 AI score · 0.11715 EPSS
Exploits 0 · References 9