3 matches found
CVE-2022-45382
Jenkins Naginator Plugin 1.18.1 and earlier does not escape display names of source builds in builds that were triggered via Retry action, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to edit build display names...
CVE-2022-45382
Jenkins Naginator Plugin 1.18.1 and earlier does not escape display names of source builds in builds that were triggered via Retry action, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to edit build display names...
CVE-2022-45382
Jenkins Naginator Plugin versions 1.18.1 and earlier suffer a stored XSS vulnerability: display names of source builds in Retry-triggered builds are not escaped, enabling an attacker who can edit the build name to inject script. The issue is documented under CVE-2022-45382 and is corroborated by ...