CVE-2022-27207
CVE-2022-27207
Jenkins global-build-stats Plugin 1.5 and earlier does not escape multiple fields in the chart configuration on the 'Global Build Stats' page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission.
Produtos afetados
Jenkins project · Jenkins global-build-stats PluginQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →