3 matches found
CVE-2022-34787
Jenkins Project Inheritance Plugin 21.04.03 and earlier does not escape the reason a build is blocked in tooltips, resulting in a cross-site scripting XSS vulnerability exploitable by attackers able to control the reason a queue item is blocked...
CVE-2022-34787
CVE-2022-34787 concerns Jenkins Project Inheritance Plugin, versions 21.04.03 and earlier. The vulnerability arises because the plugin does not escape the text explaining why a build is blocked in tooltips, enabling stored or reflected XSS if an attacker can control the blocked queue reason. Expl...
CVE-2022-34787
Jenkins Project Inheritance Plugin 21.04.03 and earlier does not escape the reason a build is blocked in tooltips, resulting in a cross-site scripting XSS vulnerability exploitable by attackers able to control the reason a queue item is blocked...