Skip to main content

Favorite

2 CVEs product

Monthly

CVE-2022-27196 Maven MEDIUM PATCH This Month

Jenkins Favorite Plugin 2.4.0 and earlier does not escape the names of jobs in the favorite column, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Favorite
NVD
CVSS 3.1
5.4
EPSS
0.8%
CVE-2017-1000244 Maven HIGH PATCH This Week

Jenkins Favorite Plugin version 2.2.0 and older is vulnerable to CSRF resulting in data modification. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Jenkins Favorite
NVD
CVSS 3.0
8.8
EPSS
0.1%
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Jenkins Favorite Plugin 2.4.0 and earlier does not escape the names of jobs in the favorite column, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Favorite
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Jenkins Favorite Plugin version 2.2.0 and older is vulnerable to CSRF resulting in data modification. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Jenkins Favorite
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy