CVE-2022-41224 – Jenkins 2.367 through 2.369 (both inclusive) does not escape tooltips of the l:helpIcon UI …

21 September 2022

Vuln ID: CVE-2022-41224

Published: 2022-09-21 16:15:09Z

Description: Jenkins 2.367 through 2.369 (both inclusive) does not escape tooltips of the l:helpIcon UI component used for some help icons on the Jenkins web UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control tooltips for this component.

Source: NVD.NIST.GOV

Date:

21 September 2022

Categorie(s):

NVD

Tag(s):

NVD

F5 shares fall over 9% on disappointing earnings outlook30 April 2024
AT&T, Verizon, Sprint, T-Mobile US fined $200M for selling off people’s location info29 April 2024
Board’s Pivotal Role in Cybersecurity as CISO-CEO Communication Gaps Continue – BSW #34829 April 2024
Meet Silver SAML: Golden SAML in the Cloud – Eric Woodruff – BSW #34829 April 2024
F5 shares fall over 9% on disappointing third quarter guidance29 April 2024