CVEDB API

Vulnerabilities

Vulnerable Software

Jenkins: >> Junit >> 1.38 Security Vulnerabilities

CVE-2023-25761

Jenkins JUnit Plugin 1166.va_436e268e972 and earlier does not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control test case class names in the JUnit resources processed by the plugin.

CVSS Score

5.4

EPSS Score

0.006

Published

2023-02-15

CVE-2022-45380

Jenkins JUnit Plugin 1159.v0b_396e1e07dd and earlier converts HTTP(S) URLs in test report output to clickable links in an unsafe manner, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

CVSS Score

5.4

EPSS Score

0.005

Published

2022-11-15

CVE-2022-34176

Jenkins JUnit Plugin 1119.va_a_5e9068da_d7 and earlier does not escape descriptions of test results, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Run/Update permission.

CVSS Score

5.4

EPSS Score

0.59

Published

2022-06-23

Page 1

Vulnerabilities

Vulnerable Software

Jenkins: >> Junit >> 1.38 Security Vulnerabilities

Products

Pricing

Contact Us