cbcvebase.
CVE-2022-34170
published 2022-06-23

CVE-2022-34170: In Jenkins 2.320 through 2.355 (both inclusive) and LTS 2.332.1 through LTS 2.332.3 (both inclusive) the help icon does not escape the feature name that is…

PriorityP425medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
EPSS
1.35%
68.0th percentile
In Jenkins 2.320 through 2.355 (both inclusive) and LTS 2.332.1 through LTS 2.332.3 (both inclusive) the help icon does not escape the feature name that is part of its tooltip, effectively undoing the fix for SECURITY-1955, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.

Affected

35 ranges· showing 25
VendorProductVersion rangeFixed in
jenkinsagent_server_parameter_plugin
jenkinsbeaker_builder_plugin
jenkinsconvertigo_mobile_platform_plugin
jenkinscrx_content_package_deployer_plugin
jenkinsdate_parameter_plugin
jenkinsdynamic_extended_choice_parameter_plugin
jenkinseasyqa_plugin
jenkinsembeddable_build_status_plugin
jenkinsfilesystem_list_parameter_plugin
jenkinshidden_parameter_plugin
jenkinsimage_tag_parameter_plugin
jenkinsimproper_authorization_in_embeddable_build_status_plugin
jenkinsinput_step_plugin
jenkinsjenkins2.320 – 2.355
jenkinsjenkins2.332.1 – 2.332.3
jenkinsjenkins_ci_server_plugin
jenkinsjenkins_core
jenkinsjenkins_lts
jenkinsjenkins_weekly
jenkinsjianliao_notification_plugin
jenkinsjunit_plugin
jenkinsmaven_metadata_plugin
jenkinsnested_view_plugin
jenkinsns-nd_integration_performance_publisher_plugin
jenkinsorchestrator_plugin

CVSS provenance

nvdv3.15.4MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
vendor_redhat5.4MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.