4 matches found
CVE-2022-29045
Jenkins promoted builds Plugin 873.v6149dbd64130 and earlier, except 3.10.1, does not escape the name and description of Promoted Build parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
Jenkins plugins Multiple Vulnerabilities (2022-04-12)
According to its their self-reported version number, the version of Jenkins plugins running on the remote web server are Jenkins CVS Plugin prior to 2.19.1, Credentials Plugin prior to 1112., Extended Choice Parameter Plugin 346. or earlier, Gerrit Trigger Plugin prior to 2.35.3, Git Parameter...
CVE-2022-29045
Jenkins promoted builds Plugin 873.v6149dbd64130 and earlier, except 3.10.1, does not escape the name and description of Promoted Build parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-29045
CVE-2022-29045 affects the Jenkins Promoted Builds Plugin (versions 873.v6149db_d64130 and earlier, except 3.10.1). The vulnerability is a stored XSS caused by not escaping the name and description of Promoted Build parameters on views that display parameters, exploitable by attackers with Item/C...