VYPR

Maven package

aendter.jenkins.plugins/filesystem-list-parameter-plugin

pkg:maven/aendter.jenkins.plugins/filesystem-list-parameter-plugin

Vulnerabilities (2)

  • CVE-2024-54004Nov 27, 2024
    affected < 0.0.15fixed 0.0.15

    Jenkins Filesystem List Parameter Plugin 0.0.14 and earlier does not restrict the path used for the File system objects list Parameter, allowing attackers with Item/Configure permission to enumerate file names on the Jenkins controller file system.

  • CVE-2022-34187MedJun 23, 2022
    affected <= 0.0.7

    Jenkins Filesystem List Parameter Plugin 0.0.7 and earlier does not escape the name and description of File system objects list parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure p