Jenkins Git Parameter
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Jenkins Git Parameter.
By the Year
In 2025 there have been 1 vulnerability in Jenkins Git Parameter with an average score of 8.2 out of ten. Git Parameter did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2025 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 1 | 8.20 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 5.40 |
| 2021 | 0 | 0.00 |
| 2020 | 3 | 5.40 |
It may take a day or so for new Git Parameter vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Git Parameter Security Vulnerabilities
Git Parameter Plugin Unvalidated Input Enables Arbitrary Git Parameters
CVE-2025-53652
8.2 - High
- July 09, 2025
Jenkins Git Parameter Plugin 439.vb_0e46ca_14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters.
Improper Input Validation
Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters
CVE-2022-29040
5.4 - Medium
- April 12, 2022
Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
XSS
Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page
CVE-2020-2238
5.4 - Medium
- September 01, 2020
Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
XSS
Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the parameter name shown on the UI
CVE-2020-2112
5.4 - Medium
- February 12, 2020
Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the parameter name shown on the UI, resulting in a stored cross-site scripting vulnerability exploitable by users with Job/Configure permission.
XSS
Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the default value shown on the UI
CVE-2020-2113
5.4 - Medium
- February 12, 2020
Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the default value shown on the UI, resulting in a stored cross-site scripting vulnerability exploitable by users with Job/Configure permission.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jenkins Git Parameter or by Jenkins? Click the Watch button to subscribe.
