Vulnerability Details CVE-2022-34778
Jenkins TestNG Results Plugin 554.va4a552116332 and earlier renders the unescaped test descriptions and exception messages provided in test results if certain job-level options are set, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers able to configure jobs or control test results.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.026
EPSS Ranking 84.7%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
Products affected by CVE-2022-34778
-
cpe:2.3:a:jenkins:testng_results:0.10
-
cpe:2.3:a:jenkins:testng_results:0.11
-
cpe:2.3:a:jenkins:testng_results:0.12
-
cpe:2.3:a:jenkins:testng_results:0.13
-
cpe:2.3:a:jenkins:testng_results:0.14
-
cpe:2.3:a:jenkins:testng_results:0.15
-
cpe:2.3:a:jenkins:testng_results:0.16
-
cpe:2.3:a:jenkins:testng_results:0.17
-
cpe:2.3:a:jenkins:testng_results:0.18
-
cpe:2.3:a:jenkins:testng_results:0.19
-
cpe:2.3:a:jenkins:testng_results:0.20
-
cpe:2.3:a:jenkins:testng_results:0.21
-
cpe:2.3:a:jenkins:testng_results:0.22
-
cpe:2.3:a:jenkins:testng_results:0.23
-
cpe:2.3:a:jenkins:testng_results:0.24
-
cpe:2.3:a:jenkins:testng_results:0.25
-
cpe:2.3:a:jenkins:testng_results:0.26
-
cpe:2.3:a:jenkins:testng_results:0.27
-
cpe:2.3:a:jenkins:testng_results:0.28
-
cpe:2.3:a:jenkins:testng_results:0.29
-
cpe:2.3:a:jenkins:testng_results:0.30
-
cpe:2.3:a:jenkins:testng_results:0.31
-
cpe:2.3:a:jenkins:testng_results:0.32
-
cpe:2.3:a:jenkins:testng_results:0.33
-
cpe:2.3:a:jenkins:testng_results:0.9
-
cpe:2.3:a:jenkins:testng_results:1.0
-
cpe:2.3:a:jenkins:testng_results:1.1
-
cpe:2.3:a:jenkins:testng_results:1.10
-
cpe:2.3:a:jenkins:testng_results:1.11
-
cpe:2.3:a:jenkins:testng_results:1.12
-
cpe:2.3:a:jenkins:testng_results:1.13
-
cpe:2.3:a:jenkins:testng_results:1.14
-
cpe:2.3:a:jenkins:testng_results:1.15
-
cpe:2.3:a:jenkins:testng_results:1.2
-
cpe:2.3:a:jenkins:testng_results:1.3
-
cpe:2.3:a:jenkins:testng_results:1.4
-
cpe:2.3:a:jenkins:testng_results:1.5
-
cpe:2.3:a:jenkins:testng_results:1.6
-
cpe:2.3:a:jenkins:testng_results:1.7
-
cpe:2.3:a:jenkins:testng_results:1.8
-
cpe:2.3:a:jenkins:testng_results:1.9
-
cpe:2.3:a:jenkins:testng_results:1.9.1
-
cpe:2.3:a:jenkins:testng_results:552.va20eb2369116
-
cpe:2.3:a:jenkins:testng_results:554.va4a552116332