3 matches found
CVE-2022-25188
Jenkins Fortify Plugin 20.2.34 and earlier does not sanitize the appName and appVersion parameters of its Pipeline steps, allowing attackers with Item/Configure permission to write or overwrite .xml files on the Jenkins controller file system with content not controllable by the attacker...
CVE-2022-25188
Jenkins Fortify Plugin 20.2.34 and earlier does not sanitize the appName and appVersion parameters of its Pipeline steps, allowing attackers with Item/Configure permission to write or overwrite .xml files on the Jenkins controller file system with content not controllable by the attacker...
CVE-2022-25188
CVE-2022-25188 affects Jenkins Fortify Plugin 20.2.34 and earlier. The root cause is that the plugin does not sanitize the appName and appVersion parameters of its Pipeline steps, enabling attackers with Item/Configure permission to write or overwrite .xml files on the Jenkins controller filesyst...