Plot@* Security Vulnerabilities and Issues — Plot@* CVE List

Lucene search

JenkinsPlot*

2 matches found

CVE•added 2022/06/30 6:15 p.m.•263 views

CVE-2022-34783

Jenkins Plot Plugin 2.1.10 and earlier does not escape plot descriptions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

5.4CVSS5.4AI score0.5042EPSS

CVE•added 2022/12/12 9:15 a.m.•57 views

CVE-2022-46682

Jenkins Plot Plugin 2.1.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

9.8CVSS9.4AI score0.00094EPSS