Vulnerabilities > Jenkins > Favorite > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-15 | CVE-2022-27196 | Cross-site Scripting vulnerability in Jenkins Favorite Jenkins Favorite Plugin 2.4.0 and earlier does not escape the names of jobs in the favorite column, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure or Item/Create permissions. | 5.4 |