Validating String Parameter Plugin

Source repositories

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2022-34791	Jenkins Project Validating String Parameter Plugin		0.01	—	0.01		Jun 30, 2022	Jenkins Validating Email Parameter Plugin 1.10 and earlier does not escape the name and description of its parameter type, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
CVE-2020-2257	Jenkins Project Validating String Parameter Plugin		0.00	—	0.01		Sep 16, 2020	Jenkins Validating String Parameter Plugin 2.4 and earlier does not escape various user-controlled fields, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.

CVE-2022-34791Jun 30, 2022
Jenkins Project
Validating String Parameter Plugin
risk 0.01cvss —epss 0.01
Jenkins Validating Email Parameter Plugin 1.10 and earlier does not escape the name and description of its parameter type, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
CVE-2020-2257Sep 16, 2020
Jenkins Project
Validating String Parameter Plugin
risk 0.00cvss —epss 0.01
Jenkins Validating String Parameter Plugin 2.4 and earlier does not escape various user-controlled fields, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.