CVE-2022-27197

Jenkins Dashboard View Plugin 2.18 and earlier does not perform URL validation for the Iframe Portlet's Iframe source URL, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure views.
Configurations

Configuration 1

cpe:2.3:a:jenkins:dashboard_view:*:*:*:*:*:jenkins:*:*

Information

Published : 2022-03-15 05:15

Updated : 2022-03-23 05:55


NVD link : CVE-2022-27197

Mitre link : CVE-2022-27197

Products Affected
No products.
CWE