org.jenkins-ci.plugins:autocomplete-parameter
Maven3 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting org.jenkins-ci.plugins:autocomplete-parameterpage 1 of 1
- CVE-2022-30961MEDIUMCVSS 5.4EG 8.02022-05-17
vulnerable: 1.0, 1.1
Jenkins Autocomplete Parameter Plugin 1.1 and earlier does not escape the name of Dropdown Autocomplete and Auto Complete String parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability expl…
- CVE-2022-30969HIGHCVSS 8.8EG 8.82022-05-17
vulnerable: 1.0, 1.1
A cross-site request forgery (CSRF) vulnerability in Jenkins Autocomplete Parameter Plugin 1.1 and earlier allows attackers to execute arbitrary code without sandbox protection if the victim is an administrator.
- CVE-2022-30970MEDIUMCVSS 5.4EG 8.02022-05-17
vulnerable: 1.0, 1.1
Jenkins Autocomplete Parameter Plugin 1.1 and earlier references Dropdown Autocomplete parameter and Auto Complete String parameter names in an unsafe manner from Javascript embedded in view definitions, resulting in a stored cross-site sc…
Check whether org.jenkins-ci.plugins:autocomplete-parameter is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.jenkins-ci.plugins:autocomplete-parameter CVEs against the assets you own.
Start Free Scan →