← Back

Favorite

favorite

Vendor: Jenkins • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-27196
1Jenkins
1Favorite
Jun 17, 2026
Mar 15, 2022
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
Jenkins Favorite Plugin 2.4.0 and earlier does not escape the names of jobs in the favorite column, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure or Item/Crea...Show more
Jenkins Favorite Plugin 2.4.0 and earlier does not escape the names of jobs in the favorite column, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure or Item/Create permissions.Show less
CVE-2017-1000244
1Jenkins
1Favorite
May 13, 2026
Nov 1, 2017
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Jenkins Favorite Plugin version 2.2.0 and older is vulnerable to CSRF resulting in data modification