Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2022/03/16 12:0 a.m.6 views

org.jenkins-ci.plugins:build-metrics (>=1.0 <=1.3) potentially affected by CVE-2022-27207 via org.jenkins-ci.plugins:global-build-stats (=1.2)

org.jenkins-ci.plugins:global-build-stats MAVEN version =1.2 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:global-build-stats and may be impacted: - org.jenkins-ci.plugins:build-metrics =1.0, =1.3 Source cves: CVE-2022-27207...

4.8CVSS5.8AI score0.00757EPSS
Exploits0
NVD
NVD
added 2022/03/15 5:15 p.m.22 views

CVE-2022-27207

Jenkins global-build-stats Plugin 1.5 and earlier does not escape multiple fields in the chart configuration on the 'Global Build Stats' page, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Overall/Administer permission...

4.8CVSS0.00757EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/03/15 4:45 p.m.29 views

CVE-2022-27207

Jenkins global-build-stats Plugin 1.5 and earlier does not escape multiple fields in the chart configuration on the 'Global Build Stats' page, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Overall/Administer permission...

5.8AI score0.00757EPSS
Exploits0References2
CVE
CVE
added 2022/03/15 4:45 p.m.124 views

CVE-2022-27207

CVE-2022-27207 describes a stored XSS vulnerability in the Jenkins global-build-stats Plugin, affecting versions 1.5 and earlier. The issue arises because multiple fields in the chart configuration on the Global Build Stats page are not escaped, enabling an attacker with Overall/Administer permis...

4.8CVSS5AI score0.00757EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder