Lucene search
JenkinsCVELIST:CVE-2022-29042HistoryApr 12, 2022 - 7:50 p.m.
CVE-2022-29042
2022-04-1219:50:38
jenkins
www.cve.org
1
Jenkins Job Generator Plugin 1.22 and earlier does not escape the name and description of Generator Parameter and Generator Choice parameters on Job Generator jobs’ Build With Parameters views, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
CNA Affected
[
{
"product": "Jenkins Job Generator Plugin",
"vendor": "Jenkins project",
"versions": [
{
"lessThanOrEqual": "1.22",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.22",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2022-29042
2022-04-12 20:15:09
cve
cve
CVE-2022-29042
2022-04-12 20:15:09
cnvd
cnvd
Jenkins Job Generator Plugin Cross-Site Scripting Vulnerability
2022-04-13 00:00:00
prion
prion
Cross site scripting
2022-04-12 20:15:00
osv
osv
CVE-2022-29042
2022-04-12 20:15:09
Stored Cross-site Scripting vulnerability in Jenkins Job Generator Plugin
2022-04-13 00:00:17
github
github
Stored Cross-site Scripting vulnerability in Jenkins Job Generator Plugin
2022-04-13 00:00:17
nessus
nessus