Lucene search
JenkinsCVELIST:CVE-2022-20615HistoryJan 12, 2022 - 7:05 p.m.
CVE-2022-20615
2022-01-1219:05:49
jenkins
www.cve.org
1
Jenkins Matrix Project Plugin 1.19 and earlier does not escape HTML metacharacters in node and label names, and label descriptions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Agent/Configure permission.
CNA Affected
[
{
"product": "Jenkins Matrix Project Plugin",
"vendor": "Jenkins project",
"versions": [
{
"lessThanOrEqual": "1.19",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.18.1"
}
]
}
]Related
redhatcve
redhatcve
CVE-2022-20615
2022-01-24 18:05:35
osv
osv
Stored XSS vulnerability in Matrix Project Plugin
2022-01-13 00:01:04
CVE-2022-20615
2022-01-12 20:15:08
cnvd
cnvd
Jenkins Matrix Project Plugin Cross-Site Scripting Vulnerability
2022-01-16 00:00:00
checkpoint_advisories
checkpoint_advisories
Jenkins Matrix Project Plugin Cross-Site Scripting (CVE-2022-20615)
2022-11-03 00:00:00
github
github
Stored XSS vulnerability in Matrix Project Plugin
2022-01-13 00:01:04
prion
prion
Cross site scripting
2022-01-12 20:15:00
nvd
nvd
CVE-2022-20615
2022-01-12 20:15:08
cve
cve
CVE-2022-20615
2022-01-12 20:15:08
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2022-01-12)
2022-01-21 00:00:00
Jenkins LTS < 2.319.2 / Jenkins weekly < 2.330 Multiple Vulnerabilities
2022-01-21 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2022
2022-04-19 00:00:00