Skip to main content

Extra Columns

2 CVEs product

Monthly

CVE-2021-21630 Maven MEDIUM PATCH This Month

Jenkins Extra Columns Plugin 1.22 and earlier does not escape parameter values in the build parameters column, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins XSS Extra Columns
NVD
CVSS 3.1
5.4
EPSS
72.4%
CVE-2016-3101 Maven MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Jenkins Extra Columns
NVD
CVSS 3.1
5.4
EPSS
0.2%
EPSS 72% CVSS 5.4
MEDIUM PATCH This Month

Jenkins Extra Columns Plugin 1.22 and earlier does not escape parameter values in the build parameters column, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins XSS Extra Columns
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Jenkins Extra Columns
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy