Vulnerabilities > Jenkins > Subversion > 2.15.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-04-12 | CVE-2022-29046 | Cross-site Scripting vulnerability in multiple products Jenkins Subversion Plugin 2.15.3 and earlier does not escape the name and description of List Subversion tags (and more) parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 5.4 |
2022-04-12 | CVE-2022-29048 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Plugin 2.15.3 and earlier allows attackers to connect to an attacker-specified URL. | 4.3 |