4 matches found
CVE-2022-30963
Jenkins JDK Parameter Plugin 1.0 and earlier does not escape the name and description of JDK parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-30963
Jenkins JDK Parameter Plugin 1.0 and earlier does not escape the name and description of JDK parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-30963
Jenkins JDK Parameter Plugin 1.0 and earlier does not escape the name and description of JDK parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-30963
CVE-2022-30963 affects Jenkins JDK Parameter Plugin (1.0 and earlier). The vulnerability is a stored XSS caused by not escaping the JDK parameter name and description in views that display parameters, enabling exploitation by attackers with Item/Configure permission on affected dashboards/pages.