VDB

CVE-2022-34172

CVE-2022-34172 PUBLISHED

In Jenkins 2.340 through 2.355 (both inclusive) symbol-based icons unescape previously escaped values of 'tooltip' parameters, resulting in a cross-site scripting (XSS) vulnerability.

EPSS 3.16% · 87.2th percentile

Risk Scores

EPSS Score
3.16%
87.2th percentile

Affected Products

VendorProductVersions
Bitnamijenkins2.340.0
Bitnamijenkins2.340.0

Exploit Intelligence

Timeline

  • Jun 22, 2022 CVE Published
  • Jun 23, 2022 EPSS Score
  • Aug 11, 2022 EPSS Score
  • Nov 14, 2022 EPSS Score
  • Jan 1, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 7, 2023 EPSS Score
  • May 25, 2023 EPSS Score
  • Aug 28, 2023 EPSS Score
  • Oct 15, 2023 EPSS Score
  • Dec 2, 2023 EPSS Score
  • Mar 6, 2024 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›