CVE-2022-29046
Summary
| CVE | CVE-2022-29046 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2022-04-12 20:15:00 UTC |
|---|
| Updated | 2023-11-02 22:00:00 UTC |
|---|
| Description | Jenkins Subversion Plugin 2.15.3 and earlier does not escape the name and description of List Subversion tags (and more) parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. |
|---|
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|
| Operating System |
Apple |
Macos |
All |
All |
All |
All |
| Application |
Jenkins |
Subversion |
All |
All |
All |
All |
References
| Reference | Source | Link | Tags |
|---|
| Jenkins Security Advisory 2022-04-12 |
CONFIRM |
www.jenkins.io |
|
| Full Disclosure: APPLE-SA-2022-07-20-2 macOS Monterey 12.5 |
FULLDISC |
seclists.org |
|
| About the security content of macOS Monterey 12.5 - Apple Support |
CONFIRM |
support.apple.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 240353 Red Hat OpenShift Container Platform 4.9 Security Update (RHSA-2022:2205)
- 240386 Red Hat OpenShift Container Platform 5 Security Update (RHSA-2022:2280)
- 240457 Red Hat OpenShift Container Platform 4.7 Security Update (RHSA-2022:4909)
- 240478 Red Hat OpenShift Container Platform 4.6 Security Update (RHSA-2022:4947)
- 376740 Apple macOS Monterey 12.5 Not Installed (HT213345)
- 770152 Red Hat OpenShift Container Platform 4.9 Security Update (RHSA-2022:2205)
- 770154 Red Hat OpenShift Container Platform 4.7 Security Update (RHSA-2022:4909)
- 770159 Red Hat OpenShift Container Platform 4.6 Security Update (RHSA-2022:4947)
