Vulnerability Details CVE-2022-34192
Jenkins ontrack Jenkins Plugin 4.0.0 and earlier does not escape the name of Ontrack: Multi Parameter choice, Ontrack: Parameter choice, and Ontrack: SingleParameter parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.316
EPSS Ranking 96.6%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
Products affected by CVE-2022-34192
-
cpe:2.3:a:jenkins:ontrack:2.0.0
-
cpe:2.3:a:jenkins:ontrack:2.0.1
-
cpe:2.3:a:jenkins:ontrack:2.1.0
-
cpe:2.3:a:jenkins:ontrack:2.11.0
-
cpe:2.3:a:jenkins:ontrack:2.12.0
-
cpe:2.3:a:jenkins:ontrack:2.13.0
-
cpe:2.3:a:jenkins:ontrack:2.13.1
-
cpe:2.3:a:jenkins:ontrack:2.13.2
-
cpe:2.3:a:jenkins:ontrack:2.14.0
-
cpe:2.3:a:jenkins:ontrack:2.15.0
-
cpe:2.3:a:jenkins:ontrack:2.16.0
-
cpe:2.3:a:jenkins:ontrack:2.17.0
-
cpe:2.3:a:jenkins:ontrack:2.18.0
-
cpe:2.3:a:jenkins:ontrack:2.18.1
-
cpe:2.3:a:jenkins:ontrack:2.19.0
-
cpe:2.3:a:jenkins:ontrack:2.19.1
-
cpe:2.3:a:jenkins:ontrack:2.19.2
-
cpe:2.3:a:jenkins:ontrack:2.2.0
-
cpe:2.3:a:jenkins:ontrack:2.2.1
-
cpe:2.3:a:jenkins:ontrack:2.21.0
-
cpe:2.3:a:jenkins:ontrack:2.22.0
-
cpe:2.3:a:jenkins:ontrack:2.22.1
-
cpe:2.3:a:jenkins:ontrack:2.22.2
-
cpe:2.3:a:jenkins:ontrack:2.22.3
-
cpe:2.3:a:jenkins:ontrack:2.22.4
-
cpe:2.3:a:jenkins:ontrack:2.25.0
-
cpe:2.3:a:jenkins:ontrack:2.25.1
-
cpe:2.3:a:jenkins:ontrack:2.26.0
-
cpe:2.3:a:jenkins:ontrack:2.28.1
-
cpe:2.3:a:jenkins:ontrack:2.28.2
-
cpe:2.3:a:jenkins:ontrack:2.29.0
-
cpe:2.3:a:jenkins:ontrack:2.29.1
-
cpe:2.3:a:jenkins:ontrack:2.3.0
-
cpe:2.3:a:jenkins:ontrack:2.30.1
-
cpe:2.3:a:jenkins:ontrack:2.30.2
-
cpe:2.3:a:jenkins:ontrack:2.30.3
-
cpe:2.3:a:jenkins:ontrack:2.30.3.1
-
cpe:2.3:a:jenkins:ontrack:2.30.3.2
-
cpe:2.3:a:jenkins:ontrack:2.30.3.3
-
cpe:2.3:a:jenkins:ontrack:2.30.3.4
-
cpe:2.3:a:jenkins:ontrack:2.30.3.5
-
cpe:2.3:a:jenkins:ontrack:2.30.3.6
-
cpe:2.3:a:jenkins:ontrack:2.30.3.7
-
cpe:2.3:a:jenkins:ontrack:2.30.3.8
-
cpe:2.3:a:jenkins:ontrack:2.30.4
-
cpe:2.3:a:jenkins:ontrack:2.30.5
-
cpe:2.3:a:jenkins:ontrack:2.31.0
-
cpe:2.3:a:jenkins:ontrack:2.31.1
-
cpe:2.3:a:jenkins:ontrack:2.31.2
-
cpe:2.3:a:jenkins:ontrack:2.31.3
-
cpe:2.3:a:jenkins:ontrack:2.31.4
-
cpe:2.3:a:jenkins:ontrack:2.31.5
-
cpe:2.3:a:jenkins:ontrack:2.31.6
-
cpe:2.3:a:jenkins:ontrack:2.32.0
-
cpe:2.3:a:jenkins:ontrack:2.32.1
-
cpe:2.3:a:jenkins:ontrack:2.32.2
-
cpe:2.3:a:jenkins:ontrack:2.32.3
-
cpe:2.3:a:jenkins:ontrack:2.32.4
-
cpe:2.3:a:jenkins:ontrack:2.32.5
-
cpe:2.3:a:jenkins:ontrack:2.33.0
-
cpe:2.3:a:jenkins:ontrack:2.33.1
-
cpe:2.3:a:jenkins:ontrack:2.33.2
-
cpe:2.3:a:jenkins:ontrack:2.33.3
-
cpe:2.3:a:jenkins:ontrack:2.33.4
-
cpe:2.3:a:jenkins:ontrack:2.4.0
-
cpe:2.3:a:jenkins:ontrack:2.4.1
-
cpe:2.3:a:jenkins:ontrack:2.4.2
-
cpe:2.3:a:jenkins:ontrack:2.4.3
-
cpe:2.3:a:jenkins:ontrack:2.5.0
-
cpe:2.3:a:jenkins:ontrack:2.6.0
-
cpe:2.3:a:jenkins:ontrack:2.7.0
-
cpe:2.3:a:jenkins:ontrack:2.8.0
-
cpe:2.3:a:jenkins:ontrack:2.9.0
-
cpe:2.3:a:jenkins:ontrack:3.0
-
cpe:2.3:a:jenkins:ontrack:3.1
-
cpe:2.3:a:jenkins:ontrack:3.2
-
cpe:2.3:a:jenkins:ontrack:3.3
-
cpe:2.3:a:jenkins:ontrack:3.4
-
cpe:2.3:a:jenkins:ontrack:4.0.0