2 matches found
CVE-2022-34179
Jenkins Embeddable Build Status Plugin 2.0.3 and earlier allows specifying a style query parameter that is used to choose a different SVG image style without restricting possible values, resulting in a relative path traversal vulnerability that allows attackers without Overall/Read permission to...
PT-2019-11745 · Jenkins · Jenkins Embeddable Build Status Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Embeddable Build Status Plugin versions 2.0.1 and earlier
Description: A reflected cross-site scripting issue allows attackers to inject arbitrary HTML and JavaScript into the response of the plugin. This enables them to execute...