4 matches found
Jenkins 2.340 < 2.356 Multiple Vulnerabilities (SECURITY-2776, SECURITY-2780) - Linux
Jenkins is prone to multiple cross-site scripting XSS vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
FreeBSD : jenkins -- multiple vulnerabilities (25be46f0-f25d-11ec-b62a-00e081b7aa2d)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 25be46f0-f25d-11ec-b62a-00e081b7aa2d advisory. - In Jenkins 2.320 through 2.355 both inclusive and LTS 2.332.1 through LTS 2.332.3 both...
CVE-2022-34172
CVE-2022-34172 affects Jenkins core: in versions 2.340–2.355, symbol-based icons unescape previously escaped values of tooltip parameters, enabling cross-site scripting (XSS) in the UI. Exploitation is possible for attackers with Job/Configure permission. The vulnerability is addressed in Jenkins...
CVE-2022-34172
In Jenkins 2.340 through 2.355 both inclusive symbol-based icons unescape previously escaped values of 'tooltip' parameters, resulting in a cross-site scripting XSS vulnerability...