4 matches found
CVE-2022-30964
Jenkins Multiselect parameter Plugin 1.3 and earlier does not escape the name and description of Multiselect parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-30964
creationtimestamp| type| source ---|---|--- 2022-05-17 18:27:49+00:00| seen| https://t.me/cibsecurity/42820 2023-12-18 05:27:39+00:00| seen| https://t.me/arpsyndicate/1921...
CVE-2022-30964
Jenkins Multiselect parameter Plugin 1.3 and earlier does not escape the name and description of Multiselect parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-30964
The CVE-2022-30964 entry describes a stored XSS vulnerability in Jenkins Multiselect Parameter Plugin (versions up to 1.3). Root cause: the plugin fails to escape the name and description of Multiselect parameters on views that display parameters. Impact: exploitable by attackers with Item/Config...