CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Jenkins: >> Dashboard View Security Vulnerabilities

CVE-2022-27197

Jenkins Dashboard View Plugin 2.18 and earlier does not perform URL validation for the Iframe Portlet's Iframe source URL, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure views.

CVSS Score

5.4

EPSS Score

0.015

Published

2022-03-15

CVE-2021-21649

Jenkins Dashboard View Plugin 2.15 and earlier does not escape URLs referenced in Image Dashboard Portlets, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with View/Configure permission.

CVSS Score

5.4

EPSS Score

0.01

Published

2021-05-11

CVE-2019-10396

Jenkins Dashboard View Plugin 2.11 and earlier did not escape build descriptions, resulting in a cross-site scripting vulnerability exploitable by users able to change build descriptions.

CVSS Score

5.4

EPSS Score

0.001

Published

2019-09-12

Page 1

Vulnerabilities

Vulnerable Software

Jenkins: >> Dashboard View Security Vulnerabilities

Products

Pricing

Contact Us