CVE-2022-29043: XSS
First published: Tue Apr 12 2022(Updated: )
Credit: jenkinsci-cert@googlegroups.com jenkinsci-cert@googlegroups.com jenkinsci-cert@googlegroups.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Jenkins Mask Passwords | <=3.0 | |
| maven/org.jenkins-ci.plugins:mask-passwords | <3.1 | 3.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2022-29043.
What is the severity level of CVE-2022-29043?
The severity level of CVE-2022-29043 is medium, with a severity value of 5.4.
What is the affected software for CVE-2022-29043?
The affected software for CVE-2022-29043 is Jenkins Mask Passwords Plugin 3.0 and earlier.
What is the impact of CVE-2022-29043?
CVE-2022-29043 allows attackers with Item/Configure permission to exploit a stored cross-site scripting (XSS) vulnerability in Jenkins Mask Passwords Plugin 3.0 and earlier.
How can I fix CVE-2022-29043?
To fix CVE-2022-29043, it is recommended to upgrade to version 3.1 or later of the Jenkins Mask Passwords Plugin.
- collector/nvd-index
- collector/github-advisory-latest
- alias/GHSA-pjm3-f4vh-3h3h
- alias/CVE-2022-29043
- collector/nvd-cve
- collector/github-advisory
- collector/nvd-api
- agent/author
- agent/weakness
- agent/severity
- agent/references
- agent/type
- agent/tags
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/jenkins
- canonical/jenkins mask passwords
- version/jenkins mask passwords/3.0
- package-manager/maven