3 matches found
CVE-2022-46687
Jenkins Spring Config Plugin 2.0.0 and earlier does not escape build display names shown on the Spring Config view, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to change build display names...
CVE-2022-46687
CVE-2022-46687 affects Jenkins Spring Config Plugin 2.0.0 and earlier. The vulnerability arises because build display names shown in the Spring Config view are not escaped, causing stored XSS when an attacker can modify those names. Affected versions: 2.0.0 and earlier. Mitigation: upgrade to 2.0...
CVE-2022-46687
Jenkins Spring Config Plugin 2.0.0 and earlier does not escape build display names shown on the Spring Config view, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to change build display names...