Maven package

org.jenkins-ci.plugins/nested-view

pkg:maven/org.jenkins-ci.plugins/nested-view

Vulnerabilities (2)

CVE	Sev	CVSS	KEV	Affected versions	Fixed in	Published	Description
CVE-2022-34182		—		>= 1.20, < 1.26	1.26	Jun 22, 2022	Jenkins Nested View Plugin 1.20 through 1.25 (both inclusive) does not escape search parameters, resulting in a reflected cross-site scripting (XSS) vulnerability.
CVE-2021-21680		—		< 1.21	1.21	Aug 31, 2021	Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity (XXE) attacks.

CVE-2022-34182Jun 22, 2022
affected >= 1.20, < 1.26fixed 1.26
Jenkins Nested View Plugin 1.20 through 1.25 (both inclusive) does not escape search parameters, resulting in a reflected cross-site scripting (XSS) vulnerability.
CVE-2021-21680Aug 31, 2021
affected < 1.21fixed 1.21
Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity (XXE) attacks.