Skip to main content

Stash Branch Parameter

2 CVEs product

Monthly

CVE-2022-34198 Maven MEDIUM This Month

Jenkins Stash Branch Parameter Plugin 0.3.0 and earlier does not escape the name and description of Stash Branch parameters on views displaying parameters, resulting in a stored cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Stash Branch Parameter
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2020-2210 Maven MEDIUM This Month

Jenkins Stash Branch Parameter Plugin 0.3.0 and earlier transmits configured passwords in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins Information Disclosure Stash Branch Parameter
NVD
CVSS 3.1
4.3
EPSS
0.7%
EPSS 1% CVSS 5.4
MEDIUM This Month

Jenkins Stash Branch Parameter Plugin 0.3.0 and earlier does not escape the name and description of Stash Branch parameters on views displaying parameters, resulting in a stored cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Stash Branch Parameter
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Jenkins Stash Branch Parameter Plugin 0.3.0 and earlier transmits configured passwords in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins Information Disclosure Stash Branch Parameter
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy