Lucene search
GoogleOSV:GHSA-4M42-8QFQ-H3Q9HistoryMay 18, 2022 - 12:00 a.m.
Cross-site Scripting in Jenkins Rundeck Plugin
2022-05-1800:00:40
Google
osv.dev
36
0.001 Low
EPSS
Percentile
22.0%
Jenkins Rundeck Plugin 3.6.10 and earlier does not restrict URL schemes in Rundeck webhook submissions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to submit crafted Rundeck webhook payloads. Rundeck Plugin 3.6.11 sanitizes URLs submitted in Rundeck webhook payloads.
Related
nvd
nvd
CVE-2022-30956
2022-05-17 15:15:09
checkpoint_advisories
checkpoint_advisories
Jenkins Rundeck Plugin Cross-Site Scripting (CVE-2022-30956)
2022-11-14 00:00:00
osv
osv
CVE-2022-30956
2022-05-17 15:15:09
prion
prion
Cross site scripting
2022-05-17 15:15:00
cvelist
cvelist
CVE-2022-30956
2022-05-17 14:06:25
alpinelinux
alpinelinux
CVE-2022-30956
2022-05-17 15:15:09
github
github
Cross-site Scripting in Jenkins Rundeck Plugin
2022-05-18 00:00:40
cve
cve
CVE-2022-30956
2022-05-17 15:15:09
nessus
nessus