Количество 4
Количество 4
CVE-2022-34173
In Jenkins 2.340 through 2.355 (both inclusive) the tooltip of the build button in list views supports HTML without escaping the job display name, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
CVE-2022-34173
In Jenkins 2.340 through 2.355 (both inclusive) the tooltip of the build button in list views supports HTML without escaping the job display name, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
CVE-2022-34173
In Jenkins 2.340 through 2.355 (both inclusive) the tooltip of the bui ...
GHSA-6g4r-q7qg-6qx6
Cross-site Scripting vulnerability in Jenkins
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-34173 In Jenkins 2.340 through 2.355 (both inclusive) the tooltip of the build button in list views supports HTML without escaping the job display name, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission. | CVSS3: 6.1 | 12% Средний | больше 3 лет назад |
 | CVE-2022-34173 In Jenkins 2.340 through 2.355 (both inclusive) the tooltip of the build button in list views supports HTML without escaping the job display name, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission. | CVSS3: 5.4 | 12% Средний | больше 3 лет назад |
| CVE-2022-34173 In Jenkins 2.340 through 2.355 (both inclusive) the tooltip of the bui ... | CVSS3: 5.4 | 12% Средний | больше 3 лет назад |
| GHSA-6g4r-q7qg-6qx6 Cross-site Scripting vulnerability in Jenkins | CVSS3: 8 | 12% Средний | больше 3 лет назад |
Уязвимостей на страницу