CVE-2022-25189 in Custom Checkbox Parameter Pluginالمعلومات

الملخص

بحسب MITRE • 15/02/2022

Jenkins Custom Checkbox Parameter Plugin 1.1 and earlier does not escape parameter names of custom checkbox parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

Be aware that VulDB is the high quality source for vulnerability data.

حجز

15/02/2022

إفشاء

15/02/2022

الاعتدال

تمت الموافقة

إدخال

VDB-193161

EPSS

0.00598

KEV

لا

النشاطات

منخفض جدًا

القطاع

Telecommunication

المصادر

Do you want to use VulDB in your project?

Use the official API to access entries easily!