CVE-2022-34170 (jenkins) | allinfosecnews.com

June 23, 2022, 5:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

In Jenkins 2.320 through 2.355 (both inclusive) and LTS 2.332.1 through LTS 2.332.3 (both inclusive) the help icon does not escape the feature name that is part of its tooltip, effectively undoing the fix for SECURITY-1955, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 5 months, 3 weeks ago | web.nvd.nist.gov

attackers cve denial of service issue +1

CVE-2023-40101 (android) 5 months, 3 weeks ago | web.nvd.nist.gov

android check collapse cve +7

CVE-2023-21377 (android) 5 months, 3 weeks ago | web.nvd.nist.gov

android bypass cve disclosure +8

CVE-2023-21380 (android) 5 months, 3 weeks ago | web.nvd.nist.gov

android bluetooth buffer buffer overflow +9

CVE-2023-21382 (android) 5 months, 3 weeks ago | web.nvd.nist.gov

access android check cve +11

CVE-2023-21381 (android) 5 months, 3 weeks ago | web.nvd.nist.gov

android arbitrary code code code execution +10

CVE-2023-21385 (android) 5 months, 3 weeks ago | web.nvd.nist.gov

android corruption cve disclosure +7

CVE-2023-21387 (android) 5 months, 3 weeks ago | web.nvd.nist.gov

android backup bypass cve +11

CVE-2023-21389 (android) 5 months, 3 weeks ago | web.nvd.nist.gov

android bypass check cve +10

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Security Architect - Hardware

@ Intel | IND - Bengaluru

View on infosec-jobs.com

Elastic Consultant

@ Elastic | Spain

View on infosec-jobs.com

OT Cybersecurity Specialist

@ Emerson | Abu Dhabi, United Arab Emirates

View on infosec-jobs.com

Security Operations Program Manager

@ Kaseya | Miami, Florida, United States

View on infosec-jobs.com

Senior Security Operations Engineer

@ Revinate | Vancouver

View on infosec-jobs.com