Jenkins Project Jenkins Plot Plugin vulnerabilities
2 known vulnerabilities affecting jenkins_project/jenkins_plot_plugin.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2022-46682CRITICALCVSS 9.8≥ unspecified, ≤ 2.1.112022-12-12
CVE-2022-46682 [CRITICAL] CWE-611 CVE-2022-46682: Jenkins Plot Plugin 2.1.11 and earlier does not configure its XML parser to prevent XML external ent
Jenkins Plot Plugin 2.1.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
nvd
CVE-2022-34783MEDIUMCVSS 5.4≥ unspecified, ≤ 2.1.102022-06-30
CVE-2022-34783 [MEDIUM] CWE-79 CVE-2022-34783: Jenkins Plot Plugin 2.1.10 and earlier does not escape plot descriptions, resulting in a stored cros
Jenkins Plot Plugin 2.1.10 and earlier does not escape plot descriptions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
nvd