Maven package
io.jenkins.plugins/rest-list-parameter
pkg:maven/io.jenkins.plugins/rest-list-parameter
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-34196 | — | < 1.6.0 | 1.6.0 | Jun 22, 2022 | Jenkins REST List Parameter Plugin 1.5.2 and earlier does not escape the name and description of REST list parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | ||
| CVE-2021-21635 | — | < 1.3.1 | 1.3.1 | Mar 30, 2021 | Jenkins REST List Parameter Plugin 1.3.0 and earlier does not escape a parameter name reference in embedded JavaScript, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission. |
- CVE-2022-34196Jun 22, 2022affected < 1.6.0fixed 1.6.0
Jenkins REST List Parameter Plugin 1.5.2 and earlier does not escape the name and description of REST list parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
- CVE-2021-21635Mar 30, 2021affected < 1.3.1fixed 1.3.1
Jenkins REST List Parameter Plugin 1.3.0 and earlier does not escape a parameter name reference in embedded JavaScript, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.