An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS03NzU2LTU2aHItMnZjcM0zHA

Stored Cross-site Scripting vulnerability in Jenkins List Git Branches Parameter Plugin

Jenkins List Git Branches Parameter Plugin 0.0.9 and earlier does not escape the name of the 'List Git branches (and more)' parameter, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: about 2 years ago
Updated: 7 months ago

CVSS Score: 5.4
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Identifiers: GHSA-7756-56hr-2vcp, CVE-2022-27212
References: Blast Radius: 1.0

Affected Packages

Affected Version Ranges: <= 0.0.9
No known fixed version