5 matches found
CVE-2022-27197
Jenkins Dashboard View Plugin 2.18 and earlier does not perform URL validation for the Iframe Portlet's Iframe source URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure views...
org.jenkins-ci.plugins:project-build-times (>=1.0 <=1.2.1), org.jenkins-ci.plugins:project-stats-plugin (>=0.1 <=0.4) potentially affected by CVE-2022-27197 via org.jenkins-ci.plugins:dashboard-view (>=2.0 <=2.0.2)
org.jenkins-ci.plugins:dashboard-view MAVEN version =2.0, =1.0, =0.1, =0.4 Source cves: CVE-2022-27197 Source advisory: OSV:GHSA-6FG4-36V7-XV32...
CVE-2022-27197
creationtimestamp| type| source ---|---|--- 2022-03-15 19:19:41+00:00| seen| https://t.me/cibsecurity/38947...
CVE-2022-27197
Jenkins Dashboard View Plugin 2.18 and earlier does not perform URL validation for the Iframe Portlet's Iframe source URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure views...
CVE-2022-27197
CVE-2022-27197 affects Jenkins Dashboard View Plugin 2.18 and earlier. A stored XSS vulnerability arises because the Iframe Portlet’s Iframe source URL is not validated, enabling attackers who can configure views to inject script. Multiple external sources corroborate the issue and, in some cases...