admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2022/29xxx/CVE-2022-29042.json
CVE Team 6b98373cc2
"-Synchronized-Data."
2022-04-12 20:02:14 +00:00

67 lines
2.4 KiB
JSON
Raw Blame History

{
"CVE_data_meta": {
"ID": "CVE-2022-29042",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Job Generator Plugin",
"version": {
"version_data": [
{
"version_value": "1.22",
"version_affected": "<="
},
{
"version_value": "1.22",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Jenkins Job Generator Plugin 1.22 and earlier does not escape the name and description of Generator Parameter and Generator Choice parameters on Job Generator jobs' Build With Parameters views, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-04-12/#SECURITY-2617",
"url": "https://www.jenkins.io/security/advisory/2022-04-12/#SECURITY-2617",
"refsource": "CONFIRM"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink