Lucene search
GoogleOSV:CVE-2022-45387HistoryNov 15, 2022 - 8:15 p.m.
CVE-2022-45387
2022-11-1520:15:12
Google
osv.dev
2
jenkins
bart plugin
xss
vulnerability
build logs
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
33.3%
Jenkins BART Plugin 1.0.3 and earlier does not escape the parsed content of build logs before rendering it on the Jenkins UI, resulting in a stored cross-site scripting (XSS) vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| bart-plugin | eq | 1.0.0 | |
| bart-plugin | eq | 1.0.2 | |
| bart-plugin | eq | 1.0.3 |
Related
osv
osv
Jenkins BART Plugin vulnerable to cross-site scripting (XSS)
2022-11-16 12:00:23
cvelist
cvelist
CVE-2022-45387
2022-11-15 00:00:00
nvd
nvd
CVE-2022-45387
2022-11-15 20:15:12
github
github
Jenkins BART Plugin vulnerable to cross-site scripting (XSS)
2022-11-16 12:00:23
cve
cve
CVE-2022-45387
2022-11-15 20:15:12
prion
prion
Cross site scripting
2022-11-15 20:15:00
nessus
nessus
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
33.3%
Related for OSV:CVE-2022-45387