Lucene search
JenkinsCVELIST:CVE-2022-41225HistorySep 21, 2022 - 3:45 p.m.
CVE-2022-41225
2022-09-2115:45:47
jenkins
www.cve.org
jenkins
anchore
container image scanner
xss
vulnerability
api
exploitable
Jenkins Anchore Container Image Scanner Plugin 1.0.24 and earlier does not escape content provided by the Anchore engine API, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control API responses by Anchore engine.
CNA Affected
[
{
"product": "Jenkins Anchore Container Image Scanner Plugin",
"vendor": "Jenkins project",
"versions": [
{
"lessThanOrEqual": "1.0.24",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2022-41225
2022-09-21 16:15:09
osv
osv
Jenkins Anchore Container Image Scanner Plugin vulnerable to cross site scripting
2022-09-22 00:00:28
CVE-2022-41225
2022-09-21 16:15:09
prion
prion
Cross site scripting
2022-09-21 16:15:00
nvd
nvd
CVE-2022-41225
2022-09-21 16:15:09
github
github
nessus
nessus
Jenkins weekly < 2.370 Multiple Vulnerabilities
2022-10-07 00:00:00
Jenkins plugins Multiple Vulnerabilities (2022-09-21)
2022-10-07 00:00:00