Vulnerability Details CVE-2022-41229
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.134 and earlier does not escape configuration options of the Execute NetStorm/NetCloud Test build step, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.032
EPSS Ranking 86.4%
CVSS Severity
CVSS v3 Score 5.4
References
Products affected by CVE-2022-41229
-
cpe:2.3:a:jenkins:ns-nd_integration_performance_publisher:-
-
cpe:2.3:a:jenkins:ns-nd_integration_performance_publisher:4.8.0.129
-
cpe:2.3:a:jenkins:ns-nd_integration_performance_publisher:4.8.0.130
-
cpe:2.3:a:jenkins:ns-nd_integration_performance_publisher:4.8.0.134
-
cpe:2.3:a:jenkins:ns-nd_integration_performance_publisher:4.8.0.77