CVE-2022-34184 – Jenkins CRX Content Package Deployer Plugin 1.9 and earlier does not escape the name and d …

23 June 2022

Vuln ID: CVE-2022-34184

Published: 2022-06-23 17:15:16Z

Description: Jenkins CRX Content Package Deployer Plugin 1.9 and earlier does not escape the name and description of CRX Content Package Choice parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

Source: NVD.NIST.GOV

Date:

23 June 2022

Categorie(s):

NVD

Tag(s):

NVD

7-Year-Old 0-Day in Microsoft Office Exploited to Drop Cobalt Strike27 April 2024
AI Helps Improve About Managed Detection and Response26 April 2024
TikTok, Flowmon, Cisco, Brokewell, RuggedCom, Deepfakes, Non-Competes, Aaran Leyland – SWN #38126 April 2024
Impact of organizational structure on ransomware outcomes: Where does your org fit in?26 April 2024
Hackers try to exploit WordPress plugin vulnerability that’s as severe as it gets26 April 2024