CVE-2022-34178 is a vulnerability in Jenkins Embeddable Build Status
Published on June 23, 2022

Jenkins Embeddable Build Status Plugin 2.0.3 allows specifying a 'link' query parameter that build status badges will link to, without restricting possible values, resulting in a reflected cross-site scripting (XSS) vulnerability.

NVD

Products Associated with CVE-2022-34178

Want to know whenever a new CVE is published for Jenkins Embeddable Build Status? stack.watch will email you.

Jenkins Embeddable Build Status

Affected Versions

Jenkins project Jenkins Embeddable Build Status Plugin Version 2.0.3 is affected by CVE-2022-34178

Exploit Probability

EPSS

16.13%

Percentile

94.70%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2022-34178 is a vulnerability in Jenkins Embeddable Build StatusPublished on June 23, 2022

Products Associated with CVE-2022-34178

Affected Versions

Exploit Probability

CVE-2022-34178 is a vulnerability in Jenkins Embeddable Build Status
Published on June 23, 2022