4 matches found
Jenkins plugins Multiple Vulnerabilities (2022-04-12)
According to its their self-reported version number, the version of Jenkins plugins running on the remote web server are Jenkins CVS Plugin prior to 2.19.1, Credentials Plugin prior to 1112., Extended Choice Parameter Plugin 346. or earlier, Gerrit Trigger Plugin prior to 2.35.3, Git Parameter...
CVE-2022-29040
Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-29040
Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-29040
CVE-2022-29040 affects the Jenkins Git Parameter Plugin (version 0.9.15 and earlier). The issue is a stored XSS vulnerability caused by the plugin not escaping the name and description of Git parameters on parameter display views, enabling exploitation by attackers with Item/Configure permission....