Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Github Security Blog
Github Security Blogadded 2022/06/24 12:0 a.m.21 views

Cross-site Scripting in Jenkins Date Parameter Plugin

Jenkins Date Parameter Plugin 0.0.4 and earlier does not escape the name and description of Date parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission. Exploitation of this vulnerability...

5.4CVSS5.7AI score0.16751EPSS
Exploits0References3Affected Software1
CNVD
CNVDadded 2022/06/24 12:0 a.m.19 views

Jenkins Date Parameter Plugin Cross-Site Scripting Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.A cross-site scripting vulnerability exist...

3.5CVSS1.4AI score0.16751EPSS
Exploits0Affected Software1
NVD
NVDadded 2022/06/23 5:15 p.m.12 views

CVE-2022-34185

Jenkins Date Parameter Plugin 0.0.4 and earlier does not escape the name and description of Date parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS0.16751EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2022/06/23 5:15 p.m.2 views

CVE-2022-34185

Jenkins Date Parameter Plugin 0.0.4 and earlier does not escape the name and description of Date parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS6.2AI score0.16751EPSS
Exploits0References2
CVE
CVEadded 2022/06/22 2:41 p.m.88 views

CVE-2022-34185

CVE-2022-34185 affects Jenkins Date Parameter Plugin (versions 0.0.4 and earlier). The vulnerability is a stored XSS caused by failure to escape the name and description of Date parameters on parameter-displaying views, exploitable by attackers with Item/Configure permission. The connected docume...

5.4CVSS5.2AI score0.16751EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologiesadded 2022/06/22 12:0 a.m.3 views

PT-2022-22053 · Jenkins · Jenkins +1

Name of the Vulnerable Software and Affected Versions: Jenkins Date Parameter Plugin versions 0.0.4 and earlier Description: The issue is a stored cross-site scripting XSS vulnerability that occurs because the Jenkins Date Parameter Plugin does not escape the name and description of Date paramete...

8CVSS5.7AI score0.16751EPSS
Exploits0References7
CNNVD
CNNVDadded 2022/06/22 12:0 a.m.1 views

Jenkins Plugin Date Parameter 跨站脚本漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.A cross-site scripting vulnerability exist...

5.4CVSS6.3AI score0.16751EPSS
Exploits0References4
Rows per page
Query Builder