Source |
CVE Liste |
Identifiant |
4287160 |
Date de publication |
2022-03-15 17:15:11 (vue: 2022-03-15 19:07:13) |
Titre |
CVE-2022-27207 |
Texte |
Jenkins global-build-stats Plugin 1.5 and earlier does not escape multiple fields in the chart configuration on the 'Global Build Stats' page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission. |
Envoyé |
Oui |
Condensat |
2022 27207 attackers build chart configuration cross cve does earlier escape exploitable fields global jenkins multiple not overall/administer page permission plugin resulting scripting site stats stored vulnerability xss |
Tags |
Vulnerability
|
Stories |
|
Notes |
|
Move |
|