Vulnerability Details CVE-2022-38664
Jenkins Job Configuration History Plugin 1165.v8cc9fd1f4597 and earlier does not escape the job name on the System Configuration History page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure job names.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.031
EPSS Ranking 86.2%
CVSS Severity
CVSS v3 Score 5.4
Products affected by CVE-2022-38664
- cpe:2.3:a:jenkins:job_configuration_history:1.10
- cpe:2.3:a:jenkins:job_configuration_history:1.11
- cpe:2.3:a:jenkins:job_configuration_history:1.12
- cpe:2.3:a:jenkins:job_configuration_history:1.13
- cpe:2.3:a:jenkins:job_configuration_history:1.9
- cpe:2.3:a:jenkins:job_configuration_history:1119.v509e1017356b_
- cpe:2.3:a:jenkins:job_configuration_history:1133.v0f5420f85053
- cpe:2.3:a:jenkins:job_configuration_history:1139.v888b_656ca_f6d
- cpe:2.3:a:jenkins:job_configuration_history:1146.v94c2521f9213
- cpe:2.3:a:jenkins:job_configuration_history:1155.v28a_46a_cc06a_5
- cpe:2.3:a:jenkins:job_configuration_history:1156.v536a_97b_8d649
- cpe:2.3:a:jenkins:job_configuration_history:1163.ve82c7c6e60a_3
- cpe:2.3:a:jenkins:job_configuration_history:1165.v8cc9fd1f4597
- cpe:2.3:a:jenkins:job_configuration_history:2.0
- cpe:2.3:a:jenkins:job_configuration_history:2.1
- cpe:2.3:a:jenkins:job_configuration_history:2.1.1
- cpe:2.3:a:jenkins:job_configuration_history:2.10
- cpe:2.3:a:jenkins:job_configuration_history:2.11
- cpe:2.3:a:jenkins:job_configuration_history:2.12
- cpe:2.3:a:jenkins:job_configuration_history:2.13
- cpe:2.3:a:jenkins:job_configuration_history:2.14
- cpe:2.3:a:jenkins:job_configuration_history:2.15
- cpe:2.3:a:jenkins:job_configuration_history:2.16
- cpe:2.3:a:jenkins:job_configuration_history:2.17
- cpe:2.3:a:jenkins:job_configuration_history:2.18
- cpe:2.3:a:jenkins:job_configuration_history:2.18.1
- cpe:2.3:a:jenkins:job_configuration_history:2.18.2
- cpe:2.3:a:jenkins:job_configuration_history:2.18.3
- cpe:2.3:a:jenkins:job_configuration_history:2.19
- cpe:2.3:a:jenkins:job_configuration_history:2.2
- cpe:2.3:a:jenkins:job_configuration_history:2.20
- cpe:2.3:a:jenkins:job_configuration_history:2.21
- cpe:2.3:a:jenkins:job_configuration_history:2.22
- cpe:2.3:a:jenkins:job_configuration_history:2.23
- cpe:2.3:a:jenkins:job_configuration_history:2.23.1
- cpe:2.3:a:jenkins:job_configuration_history:2.24
- cpe:2.3:a:jenkins:job_configuration_history:2.25
- cpe:2.3:a:jenkins:job_configuration_history:2.26
- cpe:2.3:a:jenkins:job_configuration_history:2.27
- cpe:2.3:a:jenkins:job_configuration_history:2.28
- cpe:2.3:a:jenkins:job_configuration_history:2.28.1
- cpe:2.3:a:jenkins:job_configuration_history:2.29
- cpe:2.3:a:jenkins:job_configuration_history:2.29-rc1073.41ef89cf4e15
- cpe:2.3:a:jenkins:job_configuration_history:2.3
- cpe:2.3:a:jenkins:job_configuration_history:2.30
- cpe:2.3:a:jenkins:job_configuration_history:2.31-rc1092.de9e11acbcf3
- cpe:2.3:a:jenkins:job_configuration_history:2.31-rc1098.b666422863b2
- cpe:2.3:a:jenkins:job_configuration_history:2.31-rc1107.2354f08725a_8
- cpe:2.3:a:jenkins:job_configuration_history:2.31-rc1118.fdcd7d8898ff
- cpe:2.3:a:jenkins:job_configuration_history:2.4
- cpe:2.3:a:jenkins:job_configuration_history:2.5
- cpe:2.3:a:jenkins:job_configuration_history:2.6
- cpe:2.3:a:jenkins:job_configuration_history:2.8
- cpe:2.3:a:jenkins:job_configuration_history:2.9