CVE-2022-43425 in Checkbox Parameter Pluginالمعلومات

الملخص

بحسب MITRE • 19/10/2022

Jenkins Custom Checkbox Parameter Plugin 1.4 and earlier does not escape the name and description of Custom Checkbox Parameter parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

حجز

18/10/2022

إفشاء

19/10/2022

الاعتدال

تمت الموافقة

إدخال

VDB-211903

EPSS

0.00772

KEV

لا

النشاطات

منخفض جدًا

القطاع

Telecommunication

المصادر

Interested in the pricing of exploits?

See the underground prices here!