CVE-2022-43425 in Checkbox Parameter Plugin
요약
\~에 의해 MITRE • 2022. 10. 19.
Jenkins Custom Checkbox Parameter Plugin 1.4 and earlier does not escape the name and description of Custom Checkbox Parameter parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.