Jenkins Cross-Site Scripting Vulnerability (CNVD-2022-05039)

2022-01-1600:00:00

China National Vulnerability Database

www.cnvd.org.cn

0.001 Low

EPSS

Percentile

22.0%

JSON

Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Publish Over SSH Plugin in version 1.22 and earlier has a cross-site scripting vulnerability that stems from the lack of data validation filtering of SSH server names on user-supplied data and output. An attacker could exploit this vulnerability to execute JavaScript code on the client side.

CPENameOperatorVersion
jenkins publish over ssh pluginle1.22

CPE	Name	Operator	Version
	jenkins publish over ssh plugin	le	1.22

0.001 Low

EPSS

Percentile

22.0%

JSON

Related for CNVD-2022-05039