CVE-2022-34190 is a vulnerability in Jenkins Maven Metadata
Published on June 23, 2022

Jenkins Maven Metadata Plugin for Jenkins CI server Plugin 2.1 and earlier does not escape the name and description of List maven artifact versions parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

NVD

Products Associated with CVE-2022-34190

Want to know whenever a new CVE is published for Jenkins Maven Metadata? stack.watch will email you.

Jenkins Maven Metadata

Affected Versions

Jenkins project Jenkins Maven Metadata Plugin for Jenkins CI server Plugin:

Version unspecified, <= 2.1 is affected.
Version next of 2.1 and below unspecified is unknown.

Exploit Probability

EPSS

17.55%

Percentile

95.21%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2022-34190 is a vulnerability in Jenkins Maven MetadataPublished on June 23, 2022

Products Associated with CVE-2022-34190

Affected Versions

Exploit Probability

CVE-2022-34190 is a vulnerability in Jenkins Maven Metadata
Published on June 23, 2022