CVE-2022-34176

Summary

Jenkins JUnit Plugin 1119.va_a_5e9068da_d7 and earlier does not escape descriptions of test results, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Run/Update permission.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins JUnit Plugin1.53.0.1unaffected
Jenkins projectJenkins JUnit Pluginunspecified <= 1119.va_a_5e9068da_d7affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References