Lucene search
+L

5 matches found

Check Point Advisories
Check Point Advisories
added 2022/11/14 12:0 a.m.34 views

Jenkins Rundeck Plugin Cross-Site Scripting (CVE-2022-30956)

A cross-site scripting vulnerability exists in Jenkins Rundeck Plugin. This vulnerability is due to insufficient validation of user input. A remote, authenticated attacker could exploit this vulnerability by sending a crafted message to a vulnerable server...

3.5CVSS2.5AI score0.71943EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/05/24 12:0 a.m.78 views

Jenkins Enterprise and Operations Center 2.303.x < 2.303.30.0.13 / 2.332.3.4 Multiple Vulnerabilities (CloudBees Security Advisory 2022-05-17)

The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.303.x prior to 2.303.30.0.13, or 2.x prior to 2.332.3.4. It is, therefore, affected by multiple vulnerabilities, including the following: - Jenkins Rundeck Plugin 3.6.10 and earlier does not...

8.8CVSS6.6AI score0.71943EPSS
Exploits0References29
OSV
OSV
added 2022/05/17 3:15 p.m.23 views

CVE-2022-30956

Jenkins Rundeck Plugin 3.6.10 and earlier does not restrict URL schemes in Rundeck webhook submissions, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to submit crafted Rundeck webhook payloads...

5.4CVSS5.3AI score
Exploits0References1
CVE
CVE
added 2022/05/17 2:6 p.m.105 views

CVE-2022-30956

CVE-2022-30956 affects the Jenkins Rundeck Plugin (versions ≤ 3.6.10). It reports that the plugin “does not restrict URL schemes in Rundeck webhook submissions,” causing a stored XSS vulnerability exploitable by authenticated attackers submitting crafted payloads. Public advisories confirm that R...

5.4CVSS5.3AI score0.71943EPSS
Exploits0References1Affected Software1
AlpineLinux
AlpineLinux
added 2022/05/17 2:6 p.m.94 views

CVE-2022-30956

Jenkins Rundeck Plugin 3.6.10 and earlier does not restrict URL schemes in Rundeck webhook submissions, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to submit crafted Rundeck webhook payloads...

5.4CVSS2.2AI score0.71943EPSS
Exploits0References1
Rows per page
Query Builder