NotCVE - vendor:"Jenkins" product:"Git Parameter"

5 results (0.006 seconds)

CVSS: 5.4EPSS: 4%CPEs: 1EXPL: 0

CVE-2022-29040

https://notcve.org/view.php?id=CVE-2022-29040

12 Apr 2022 — Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. Jenkins Git Parameter Plugin versiones 0.9.15 y anteriores, no escapa del nombre y la descripción de los parámetros Git en las visualizaciones que muestran parámetros, resultando en una vulnerabilidad de tipo cross-site scripting (XSS) almacenado que pu... • https://www.jenkins.io/security/advisory/2022-04-12/#SECURITY-2617 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 16%CPEs: 1EXPL: 0

CVE-2022-27212

https://notcve.org/view.php?id=CVE-2022-27212

15 Mar 2022 — Jenkins List Git Branches Parameter Plugin 0.0.9 and earlier does not escape the name of the 'List Git branches (and more)' parameter, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. El Plugin List Git Branches Parameter de Jenkins 0.0.9 y anteriores, no escapa del nombre del parámetro "List Git branches (and more)", resultando en una vulnerabilidad de tipo cross-site scripting (XSS) almacenada explotable por atacantes con permiso Item/... • http://www.openwall.com/lists/oss-security/2022/03/15/2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2020-2238

https://notcve.org/view.php?id=CVE-2020-2238

01 Sep 2020 — Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission. Jenkins Git Parameter Plugin versiones 0.9.12 y anteriores, no escapan el campo repository en la página "Build with Parameters", resultando en una vulnerabilidad de tipo cross-site scripting (XSS) almacenado que los atacantes pueden explotar con permiso de Job/Configure • http://www.openwall.com/lists/oss-security/2020/09/01/3 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2020-2112

https://notcve.org/view.php?id=CVE-2020-2112

12 Feb 2020 — Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the parameter name shown on the UI, resulting in a stored cross-site scripting vulnerability exploitable by users with Job/Configure permission. Jenkins Git Parameter Plugin versiones 0.9.11 y anteriores, no escapa al parámetro name que se muestra en la Interfaz de Usuario, resultando en una vulnerabilidad de tipo cross-site scripting almacenado que los usuarios con permiso Job/Configure pueden explotar. • http://www.openwall.com/lists/oss-security/2020/02/12/3 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2020-2113

https://notcve.org/view.php?id=CVE-2020-2113

12 Feb 2020 — Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the default value shown on the UI, resulting in a stored cross-site scripting vulnerability exploitable by users with Job/Configure permission. Jenkins Git Parameter Plugin versiones 0.9.11 y anteriores, no escapa al valor predeterminado que se muestra en la Interfaz de Usuario, resultando en una vulnerabilidad de tipo cross-site scripting almacenado que los usuarios con permiso Job/Configure pueden explotar. • http://www.openwall.com/lists/oss-security/2020/02/12/3 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •