8 matches found
EUVD-2022-2142
Malicious code in bioql PyPI...
Stored XSS vulnerability in Validating String Parameter Plugin
Validating String Parameter Plugin 2.4 and earlier does not escape regular expressions in tooltips. Additionally, Validating String Parameter Plugin 2.4 does not escape parameter names and parameter descriptions. This results in a stored cross-site scripting (XSS) vulnerability exploitable by...
GHSA-FVWH-WV43-8QJ5 Stored XSS vulnerability in Validating String Parameter Plugin
Validating String Parameter Plugin 2.4 and earlier does not escape regular expressions in tooltips. Additionally, Validating String Parameter Plugin 2.4 does not escape parameter names and parameter descriptions. This results in a stored cross-site scripting (XSS) vulnerability exploitable by...
CVE-2022-30966
The CVE-2022-30966 entry involves Jenkins Random String Parameter Plugin (versions 1.0 and earlier). It describes a stored XSS vulnerability caused by the plugin not escaping the name and description of Random String parameters in views that display parameters. The risk requires attacker with Ite...
CVE-2022-30962
CVE-2022-30962 affects Jenkins Global Variable String Parameter Plugin, version 1.2 and earlier. The vulnerability arises because the plugin does not escape the name and description of Global Variable String parameters on parameter-displaying views, leading to a stored XSS vulnerability. Exploita...
CVE-2022-30962
Jenkins Global Variable String Parameter Plugin 1.2 and earlier does not escape the name and description of Global Variable String parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission...
CVE-2020-2257
Jenkins Validating String Parameter Plugin 2.4 and earlier does not escape various user-controlled fields, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission...
CVE-2020-2257
Jenkins Validating String Parameter Plugin (versions ≤ 2.4) contains a stored XSS vulnerability due to insufficient escaping of user-controlled fields (including regular expressions in tooltips, names, and descriptions). Exploitation requires Job/Configure permission. A fix is available in versio...