Lucene search
K

4 matches found

OpenVAS
OpenVAS
added 2022/06/24 12:0 a.m.19 views

Jenkins 2.340 < 2.356 Multiple Vulnerabilities (SECURITY-2776, SECURITY-2780) - Linux

Jenkins is prone to multiple cross-site scripting XSS vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

5.4CVSS5.6AI score0.01361EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/06/23 12:0 a.m.54 views

FreeBSD : jenkins -- multiple vulnerabilities (25be46f0-f25d-11ec-b62a-00e081b7aa2d)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 25be46f0-f25d-11ec-b62a-00e081b7aa2d advisory. - In Jenkins 2.320 through 2.355 both inclusive and LTS 2.332.1 through LTS 2.332.3 both...

7.5CVSS6.1AI score0.01361EPSS
Exploits0References8
Cvelist
Cvelist
added 2022/06/22 2:40 p.m.21 views

CVE-2022-34173

In Jenkins 2.340 through 2.355 both inclusive the tooltip of the build button in list views supports HTML without escaping the job display name, resulting in a cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...

5.6AI score0.01361EPSS
Exploits0References1
CVE
CVE
added 2022/06/22 2:40 p.m.141 views

CVE-2022-34173

CVE-2022-34173 affects Jenkins Core 2.340–2.355 (inclusive). The vulnerability arises because the tooltip of the build button in list views renders HTML without escaping the job display name, enabling a cross-site scripting (XSS) condition. Exploitation is possible by attackers with Job/Configure...

5.4CVSS5.2AI score0.01361EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder