Количество 2
Количество 2
CVE-2022-43420
Jenkins Contrast Continuous Application Security Plugin 3.9 and earlier does not escape data returned from the Contrast service when generating a report, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control or modify Contrast service API responses.
GHSA-hvcr-927w-qcvq
Stored XSS vulnerability in Jenkins Contrast Continuous Application Security Plugin
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-43420 Jenkins Contrast Continuous Application Security Plugin 3.9 and earlier does not escape data returned from the Contrast service when generating a report, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control or modify Contrast service API responses. | CVSS3: 5.4 | 11% Средний | больше 3 лет назад |
| GHSA-hvcr-927w-qcvq Stored XSS vulnerability in Jenkins Contrast Continuous Application Security Plugin | CVSS3: 7.5 | 11% Средний | больше 3 лет назад |
Уязвимостей на страницу