CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2022/04/12 8:15 p.m.•13 views

CVE-2022-29040

Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS0.00217EPSS

ATTACKERKB•added 2022/04/12 8:15 p.m.•3 views

CVE-2022-29040

5.4CVSS6AI score0.00217EPSS

Cvelist•added 2022/04/12 7:50 p.m.•13 views

CVE-2022-29040

5.8AI score0.00217EPSS

CVE•added 2022/04/12 7:50 p.m.•109 views

CVE-2022-29040

CVE-2022-29040 affects the Jenkins Git Parameter Plugin (version 0.9.15 and earlier). The issue is a stored XSS vulnerability caused by the plugin not escaping the name and description of Git parameters on parameter display views, enabling exploitation by attackers with Item/Configure permission....

5.4CVSS5.4AI score0.00217EPSS

Exploits0References1Affected Software1

CNNVD•added 2022/04/12 12:0 a.m.•2 views

Jenkins Git Parameter Plugin跨站脚本漏洞

5.4CVSS5.3AI score0.00217EPSS

Exploits0References4

Positive Technologies•added 2022/04/12 12:0 a.m.•1 views

PT-2022-19380 · Jenkins · Jenkins Git Parameter Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Git Parameter Plugin versions 0.9.15 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability. This occurs because the name and description of Git parameters on views displaying parameters are not...

5.4CVSS5.1AI score0.00217EPSS

Exploits0References6

CNVD•added 2020/09/02 12:0 a.m.•0 views

CloudBees Jenkins Git XSS Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/testing project and some timed tasks.LTS is a long-term support for CloudBees...

5.4CVSS6.5AI score0.00233EPSS

OSV•added 2020/09/01 2:15 p.m.•14 views

CVE-2020-2238

Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...

5.4CVSS5.5AI score

CVE•added 2020/09/01 1:50 p.m.•61 views

CVE-2020-2238

The CVE-2020-2238 issue affects the Jenkins Git Parameter Plugin, where versions up to 0.9.12 do not escape the repository field on the Build with Parameters page, enabling a stored XSS vulnerability exploitable by attackers with Job/Configure permissions. Connected sources confirm the root cause...

5.4CVSS5.3AI score0.00233EPSS

CNVD•added 2020/02/20 12:0 a.m.•1 views

CloudBees Jenkins Git Parameter plugin cross-site scripting vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . A cross-site scripting vulnerability exists in the Git Parameter plugin 0.9.11 and earlier versions in CloudBees Jenkins. The vulnerability stems from the failure...

5.4CVSS6.4AI score0.00102EPSS

CNVD•added 2020/02/20 12:0 a.m.•1 views

CloudBees Jenkins Git Parameter plugin cross-site scripting vulnerability (CNVD-2020-11651)

5.4CVSS6.4AI score0.00102EPSS

OSV•added 2020/02/12 3:15 p.m.•12 views

CVE-2020-2112

Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the parameter name shown on the UI, resulting in a stored cross-site scripting vulnerability exploitable by users with Job/Configure permission...

5.4CVSS5.9AI score

NVD•added 2020/02/12 3:15 p.m.•11 views

CVE-2020-2112

5.4CVSS5.3AI score0.00102EPSS

NVD•added 2020/02/12 3:15 p.m.•13 views

CVE-2020-2113

Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the default value shown on the UI, resulting in a stored cross-site scripting vulnerability exploitable by users with Job/Configure permission...

5.4CVSS5.3AI score0.00102EPSS

Prion•added 2020/02/12 3:15 p.m.•15 views

Cross site scripting

3.5CVSS5.2AI score0.00102EPSS

CVE•added 2020/02/12 2:35 p.m.•75 views

CVE-2020-2112

CVE-2020-2112 affects Jenkins Git Parameter Plugin (versions

5.4CVSS5.2AI score0.00102EPSS

Cvelist•added 2020/02/12 2:35 p.m.•10 views

CVE-2020-2112

5.3AI score0.00102EPSS

CVE•added 2020/02/12 2:35 p.m.•61 views

CVE-2020-2113

CVE-2020-2113 affects Jenkins Git Parameter Plugin versions 0.9.11 and earlier. The UI shows the default value without escaping, enabling stored XSS exploitable by users with Job/Configure permission. Affected component is the Git Parameter Plugin’s UI input handling; root cause is lack of escapi...

5.4CVSS5.2AI score0.00102EPSS

Cvelist•added 2020/02/12 2:35 p.m.•12 views

CVE-2020-2113

5.3AI score0.00102EPSS