2 matches found
CVE-2022-30968
Jenkins vboxwrapper Plugin 1.3 and earlier does not escape the name and description of VBox node parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-30968
CVE-2022-30968 – Jenkins vboxwrapper Plugin (1.3 and earlier) is a stored XSS vulnerability: it fails to escape the name and description of VBox node parameters on parameter views, exploitable by attackers with Item/Configure permission. This is documented across multiple sources (NVD/NESSUS adja...