Vulnerability Details CVE-2022-29947
Woodpecker before 0.15.1 allows XSS via build logs because web/src/components/repo/build/BuildLog.vue lacks escaping.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.5%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2022-29947
-
cpe:2.3:a:woodpecker-ci:woodpecker:-
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.10.0
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.11.0
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.12.0
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.13.0
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.14.0
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.14.1
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.14.2
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.14.3
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.14.4
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.15.0
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.8.100
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.8.101
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.8.102
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.8.103
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.8.104
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.8.105
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.8.106
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.8.91
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.8.92
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.8.93
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.8.94
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.8.95
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.8.96
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.8.97
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.8.98
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.8.99
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.9.0
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.9.1
-
cpe:2.3:a:woodpecker-ci:woodpecker:0.9.2