Jenkins Lucene-Search Plugin Reflected XSS on Search Page
CVE-2022-36922 Published on July 27, 2022

Jenkins Lucene-Search Plugin 370.v62a5f618cd3a and earlier does not escape the search query parameter displayed on the 'search' result page, resulting in a reflected cross-site scripting (XSS) vulnerability.

NVD

Products Associated with CVE-2022-36922

Want to know whenever a new CVE is published for Jenkins Lucene Search? stack.watch will email you.

Jenkins Lucene Search

Affected Versions

Jenkins project Jenkins Lucene-Search Plugin:

Version unspecified, <= 370.v62a5f618cd3a is affected.
Version next of 370.v62a5f618cd3a and below unspecified is unknown.

Exploit Probability

EPSS

16.25%

Percentile

94.71%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Jenkins Lucene-Search Plugin Reflected XSS on Search PageCVE-2022-36922 Published on July 27, 2022

Products Associated with CVE-2022-36922

Affected Versions

Exploit Probability

Jenkins Lucene-Search Plugin Reflected XSS on Search Page
CVE-2022-36922 Published on July 27, 2022