Security Advisory
CVE-2022-34194
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Jenkins Readonly Parameter Plugin 1.0.0 and earlier does not escape the name and description of Readonly String and Readonly Text parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.