Lucene search
GoogleOSV:GHSA-39R3-H8Q6-2PHQHistoryJun 24, 2022 - 12:00 a.m.
Reflected Cross site scripting in Jenkins Embeddable Build Status Plugin
2022-06-2400:00:31
Google
osv.dev
14
0.001 Low
EPSS
Percentile
31.3%
Jenkins Embeddable Build Status Plugin 2.0.3 allows specifying a ‘link’ query parameter that build status badges will link to, without restricting possible values, resulting in a reflected cross-site scripting (XSS) vulnerability.
Embeddable Build Status Plugin 2.0.4 limits URLs to http and https protocols and correctly escapes the provided value.
Related
cve
cve
CVE-2022-34178
2022-06-23 17:15:15
github
github
Reflected Cross site scripting in Jenkins Embeddable Build Status Plugin
2022-06-24 00:00:31
prion
prion
Cross site scripting
2022-06-23 17:15:00
nvd
nvd
CVE-2022-34178
2022-06-23 17:15:15
osv
osv
CVE-2022-34178
2022-06-23 17:15:15
cvelist
cvelist
CVE-2022-34178
2022-06-22 14:41:03
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2022-06-22)
2022-07-15 00:00:00
Jenkins LTS < 2.332.4 / Jenkins weekly < 2.356 Multiple Vulnerabilities
2022-07-15 00:00:00