Maven package

io.jenkins.plugins/spring-config

pkg:maven/io.jenkins.plugins/spring-config

Vulnerabilities (1)

CVE	Sev	CVSS	KEV	Affected versions	Fixed in	Published	Description
CVE-2022-46687		—		< 2.0.1	2.0.1	Dec 7, 2022	Jenkins Spring Config Plugin 2.0.0 and earlier does not escape build display names shown on the Spring Config view, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to change build display names.

CVE-2022-46687Dec 7, 2022
affected < 2.0.1fixed 2.0.1
Jenkins Spring Config Plugin 2.0.0 and earlier does not escape build display names shown on the Spring Config view, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to change build display names.