← Back

Stash Branch Parameter

stash_branch_parameter

Vendor: Jenkins • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-34198
1Jenkins
1Stash Branch Parameter
Nov 21, 2024
Jun 23, 2022
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
Jenkins Stash Branch Parameter Plugin 0.3.0 and earlier does not escape the name and description of Stash Branch parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability e...Show more
Jenkins Stash Branch Parameter Plugin 0.3.0 and earlier does not escape the name and description of Stash Branch parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.Show less
CVE-2020-2210
1Jenkins
1Stash Branch Parameter
Nov 21, 2024
Jul 2, 2020
N/A· v4
4.3 MEDIUM· v3
4.3 MEDIUM· v2
Jenkins Stash Branch Parameter Plugin 0.3.0 and earlier transmits configured passwords in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure.