Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-27196 | 1 Jenkins | 1 Favorite | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
Jenkins Favorite Plugin 2.4.0 and earlier does not escape the names of jobs in the favorite column, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure or Item/Create permissions. | |||||
CVE-2017-1000244 | 1 Jenkins | 1 Favorite | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
Jenkins Favorite Plugin version 2.2.0 and older is vulnerable to CSRF resulting in data modification |