Skip to main content

CVE-2022-43435

Severity Medium
Score 5.3/10

Summary

Jenkins 360 FireLine Plugin 1.7.2 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download.

  • LOW
  • NETWORK
  • NONE
  • UNCHANGED
  • NONE
  • NONE
  • LOW
  • NONE

References

Advisory Timeline

  • Published