Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:13 p.m.8 views

CVE-2022-34198

Jenkins Stash Branch Parameter Plugin 0.3.0 and earlier does not escape the name and description of Stash Branch parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS5.4AI score0.0071EPSS
Exploits0References1
CNVD
CNVD
added 2022/06/24 12:0 a.m.35 views

Jenkins Stash Branch Parameter Plugin跨站脚本漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.A cross-site scripting vulnerability exis...

5.4CVSS1.9AI score0.0071EPSS
Exploits0References1
NVD
NVD
added 2022/06/23 5:15 p.m.16 views

CVE-2022-34198

Jenkins Stash Branch Parameter Plugin 0.3.0 and earlier does not escape the name and description of Stash Branch parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS0.0071EPSS
Exploits0References1
CVE
CVE
added 2022/06/22 2:41 p.m.107 views

CVE-2022-34198

The CVE-2022-34198 issue affects Jenkins Stash Branch Parameter Plugin (0.3.0 and earlier). Root cause: the plugin does not escape the name and description of Stash Branch parameters on parameter-displaying views, enabling stored XSS. Impact: attackers with Item/Configure permission can exploit s...

5.4CVSS5.2AI score0.0071EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/05/24 5:22 p.m.21 views

GHSA-3F82-V3QW-53Q7 Passwords transmitted in plain text by Jenkins Stash Branch Parameter Plugin

Stash Branch Parameter Plugin stores Stash API passwords in its global configuration file org.jenkinsci.plugins.StashBranchParameter.StashBranchParameterDefinition.xml on the Jenkins controller as part of its configuration. While the password is stored encrypted on disk, it is transmitted in plai...

3.1CVSS4.5AI score0.00657EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/05/24 5:22 p.m.26 views

Passwords transmitted in plain text by Jenkins Stash Branch Parameter Plugin

Stash Branch Parameter Plugin stores Stash API passwords in its global configuration file org.jenkinsci.plugins.StashBranchParameter.StashBranchParameterDefinition.xml on the Jenkins controller as part of its configuration. While the password is stored encrypted on disk, it is transmitted in plai...

4.3CVSS4.8AI score0.00657EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2020/07/03 12:0 a.m.8 views

Unspecified Vulnerability in CloudBees Jenkins Stash Branch Parameter Plugin

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Stash Branch Parameter Plugin is used in one...

4.3CVSS6.5AI score0.00657EPSS
Exploits0
NVD
NVD
added 2020/07/02 3:15 p.m.17 views

CVE-2020-2210

Jenkins Stash Branch Parameter Plugin 0.3.0 and earlier transmits configured passwords in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure...

4.3CVSS0.00657EPSS
Exploits0References2
Rows per page
Query Builder