CVE-2022-43425 in Checkbox Parameter Plugin
الملخص
بحسب MITRE • 19/10/2022
Jenkins Custom Checkbox Parameter Plugin 1.4 and earlier does not escape the name and description of Custom Checkbox Parameter parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.