Jenkins Build With Parameters vulnerabilities
2 known vulnerabilities affecting jenkins/build_with_parameters.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2021-21629HIGHCVSS 8.8≤ 1.52021-03-30
CVE-2021-21629 [HIGH] CWE-352 CVE-2021-21629: A cross-site request forgery (CSRF) vulnerability in Jenkins Build With Parameters Plugin 1.5 and ea
A cross-site request forgery (CSRF) vulnerability in Jenkins Build With Parameters Plugin 1.5 and earlier allows attackers to build a project with attacker-specified parameters.
nvd
CVE-2021-21628MEDIUMCVSS 5.4≤ 1.52021-03-30
CVE-2021-21628 [MEDIUM] CWE-79 CVE-2021-21628: Jenkins Build With Parameters Plugin 1.5 and earlier does not escape parameter names and description
Jenkins Build With Parameters Plugin 1.5 and earlier does not escape parameter names and descriptions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
nvd