Export limit exceeded: 45785 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45785 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-34198 | 1 Jenkins | 1 Stash Branch Parameter | 2024-11-21 | 5.4 Medium |
| Jenkins Stash Branch Parameter Plugin 0.3.0 and earlier does not escape the name and description of Stash Branch parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | ||||
| CVE-2022-34197 | 1 Jenkins | 1 Sauce Ondemand | 2024-11-21 | 5.4 Medium |
| Jenkins Sauce OnDemand Plugin 1.204 and earlier does not escape the name and description of Sauce Labs Browsers parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | ||||
| CVE-2022-34196 | 1 Jenkins | 1 Rest List Parameter | 2024-11-21 | 5.4 Medium |
| Jenkins REST List Parameter Plugin 1.5.2 and earlier does not escape the name and description of REST list parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | ||||
| CVE-2022-34195 | 1 Jenkins | 1 Repository Connector | 2024-11-21 | 5.4 Medium |
| Jenkins Repository Connector Plugin 2.2.0 and earlier does not escape the name and description of Maven Repository Artifact parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | ||||
| CVE-2022-34194 | 1 Jenkins | 1 Readonly Parameter | 2024-11-21 | 5.4 Medium |
| Jenkins Readonly Parameter Plugin 1.0.0 and earlier does not escape the name and description of Readonly String and Readonly Text parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | ||||
| CVE-2022-34193 | 1 Jenkins | 1 Package Version | 2024-11-21 | 5.4 Medium |
| Jenkins Package Version Plugin 1.0.1 and earlier does not escape the name of Package version parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | ||||
| CVE-2022-34192 | 1 Jenkins | 1 Ontrack | 2024-11-21 | 5.4 Medium |
| Jenkins ontrack Jenkins Plugin 4.0.0 and earlier does not escape the name of Ontrack: Multi Parameter choice, Ontrack: Parameter choice, and Ontrack: SingleParameter parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | ||||
| CVE-2022-34191 | 1 Jenkins | 1 Ns-nd Integration Performance Publisher | 2024-11-21 | 5.4 Medium |
| Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.77 and earlier does not escape the name of NetStorm Test parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | ||||
| CVE-2022-34190 | 1 Jenkins | 1 Maven Metadata | 2024-11-21 | 5.4 Medium |
| Jenkins Maven Metadata Plugin for Jenkins CI server Plugin 2.1 and earlier does not escape the name and description of List maven artifact versions parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | ||||
| CVE-2022-34189 | 1 Jenkins | 1 Image Tag Parameter | 2024-11-21 | 5.4 Medium |
| Jenkins Image Tag Parameter Plugin 1.10 and earlier does not escape the name and description of Image Tag parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | ||||
| CVE-2022-34188 | 1 Jenkins | 1 Hidden Parameter | 2024-11-21 | 5.4 Medium |
| Jenkins Hidden Parameter Plugin 0.0.4 and earlier does not escape the name and description of Hidden Parameter parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | ||||
| CVE-2022-34187 | 1 Jenkins | 1 Filesystem List Parameter | 2024-11-21 | 5.4 Medium |
| Jenkins Filesystem List Parameter Plugin 0.0.7 and earlier does not escape the name and description of File system objects list parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | ||||
| CVE-2022-34186 | 1 Jenkins | 1 Dynamic Extended Choice Parameter | 2024-11-21 | 5.4 Medium |
| Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape the name and description of Moded Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | ||||
| CVE-2022-34185 | 1 Jenkins | 1 Date Parameter | 2024-11-21 | 5.4 Medium |
| Jenkins Date Parameter Plugin 0.0.4 and earlier does not escape the name and description of Date parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | ||||
| CVE-2022-34184 | 1 Jenkins | 1 Crx Content Package Deployer | 2024-11-21 | 5.4 Medium |
| Jenkins CRX Content Package Deployer Plugin 1.9 and earlier does not escape the name and description of CRX Content Package Choice parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | ||||
| CVE-2022-34183 | 1 Jenkins | 1 Agent Server Parameter | 2024-11-21 | 5.4 Medium |
| Jenkins Agent Server Parameter Plugin 1.1 and earlier does not escape the name and description of Agent Server parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | ||||
| CVE-2022-34182 | 1 Jenkins | 1 Nested View | 2024-11-21 | 6.1 Medium |
| Jenkins Nested View Plugin 1.20 through 1.25 (both inclusive) does not escape search parameters, resulting in a reflected cross-site scripting (XSS) vulnerability. | ||||
| CVE-2022-34178 | 1 Jenkins | 1 Embeddable Build Status | 2024-11-21 | 6.1 Medium |
| Jenkins Embeddable Build Status Plugin 2.0.3 allows specifying a 'link' query parameter that build status badges will link to, without restricting possible values, resulting in a reflected cross-site scripting (XSS) vulnerability. | ||||
| CVE-2022-34176 | 2 Jenkins, Redhat | 2 Junit, Openshift | 2024-11-21 | 5.4 Medium |
| Jenkins JUnit Plugin 1119.va_a_5e9068da_d7 and earlier does not escape descriptions of test results, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Run/Update permission. | ||||
| CVE-2022-34173 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 5.4 Medium |
| In Jenkins 2.340 through 2.355 (both inclusive) the tooltip of the build button in list views supports HTML without escaping the job display name, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission. | ||||