Lucene search
K

7 matches found

Check Point Advisories
Check Point Advisories
added 2022/11/03 12:0 a.m.28 views

Jenkins Matrix Project Plugin Cross-Site Scripting (CVE-2022-20615)

A stored cross-site scripting vulnerability exists in Jenkins Matrix Project Plugin. This vulnerability is due to insufficient validation of node and label names, and label descriptions parameters...

3.5CVSS2.4AI score0.81842EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2022/01/24 6:5 p.m.24 views

CVE-2022-20615

A stored Cross-site scripting XSS vulnerability was found in the Jenkins Matrix Project plugin. There are no escape HTML metacharacters in node, label names, and label descriptions, which allows an attacker with Agent/Configure permissions to perform an XSS attack...

5.4CVSS2.8AI score0.81842EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2022/01/13 12:1 a.m.5 views

com.groupon.jenkins-ci.plugins:DotCi (>=1.1.1 <=2.36.2), com.groupon.jenkins-ci.plugins:DotCi-DockerPublish (>=1.0.0 <=1.0.3) +10 more potentially affected by CVE-2022-20615 via org.jenkins-ci.plugins:matrix-project (=1.2)

org.jenkins-ci.plugins:matrix-project MAVEN version =1.2 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:matrix-project and may be impacted: - com.groupon.jenkins-ci.plugins:DotCi =1.1.1, =1.0.0, =1.0.1, =1.1.3, =1.1.0, =1.0.0,...

5.4CVSS6.6AI score0.81842EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/01/13 12:1 a.m.8 views

aendter.jenkins.plugins:filesystem-list-parameter-plugin (=0.0.6), com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9) +34 more potentially affected by CVE-2022-20615 via org.jenkins-ci.plugins:matrix-project (>=1.0 <=1.18)

org.jenkins-ci.plugins:matrix-project MAVEN version =1.0, =1.9.2-beta, =0.5, =1.28, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =2021.12.0, =1.0, =1.4.2, =0.34, =1.561, =1.599 and more Source cves: CVE-2022-20615 Source advisory: OSV:GHSA-VQWG-4V6F-H6X5...

5.4CVSS6.6AI score0.81842EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/01/12 8:15 p.m.6 views

CVE-2022-20615

Jenkins Matrix Project Plugin 1.19 and earlier does not escape HTML metacharacters in node and label names, and label descriptions, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Agent/Configure permission...

5.4CVSS6.5AI score0.81842EPSS
Exploits0References4
Cvelist
Cvelist
added 2022/01/12 7:5 p.m.26 views

CVE-2022-20615

Jenkins Matrix Project Plugin 1.19 and earlier does not escape HTML metacharacters in node and label names, and label descriptions, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Agent/Configure permission...

6.5AI score0.81842EPSS
Exploits0References3
CVE
CVE
added 2022/01/12 7:5 p.m.250 views

CVE-2022-20615

CVE-2022-20615 affects Jenkins Matrix Project Plugin (1.19 and earlier). It arises because HTML metacharacters in node/label names and label descriptions aren’t escaped, causing a stored XSS vulnerability exploitable by users with Agent/Configure permission. Remediation per the connected advisori...

5.4CVSS5.2AI score0.81842EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder