Filtered by vendor Jenkins Subscriptions
Filtered by product Dynamic Extended Choice Parameter Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-36902 1 Jenkins 1 Dynamic Extended Choice Parameter 2024-11-21 5.4 Medium
Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape several fields of Moded Extended Choice parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
CVE-2022-34186 1 Jenkins 1 Dynamic Extended Choice Parameter 2024-11-21 5.4 Medium
Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape the name and description of Moded Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
CVE-2020-2124 1 Jenkins 1 Dynamic Extended Choice Parameter 2024-11-21 4.3 Medium
Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system.