{"vulnerability": "CVE-2022-3418", "sightings": [{"uuid": "317134ed-22f8-4586-b2ba-9867d972ec15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34187", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3m4fqpv3cz6h2", "content": "", "creation_timestamp": "2025-10-30T10:25:43.234407Z"}, {"uuid": "c99a4edb-3ce9-43ee-b0c6-005f50a9f054", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34180", "type": "seen", "source": "https://t.me/cibsecurity/45028", "content": "\u203c CVE-2022-34180 \u203c\n\nJenkins Embeddable Build Status Plugin 2.0.3 and earlier does not correctly perform the ViewStatus permission check in the HTTP endpoint it provides for \"unprotected\" status badge access, allowing attackers without any permissions to obtain the build status badge icon for any attacker-specified job and/or build.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-23T20:42:44.000000Z"}, {"uuid": "48f92841-67e2-489e-afff-d12a30fc14c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34188", "type": "seen", "source": "https://t.me/cibsecurity/45029", "content": "\u203c CVE-2022-34188 \u203c\n\nJenkins Hidden Parameter Plugin 0.0.4 and earlier does not escape the name and description of Hidden Parameter parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-23T20:42:46.000000Z"}, {"uuid": "f18d836e-a6c0-4e6e-bd1b-35f8235e7ba7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34187", "type": "seen", "source": "https://t.me/cibsecurity/45036", "content": "\u203c CVE-2022-34187 \u203c\n\nJenkins Filesystem List Parameter Plugin 0.0.7 and earlier does not escape the name and description of File system objects list parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-23T20:42:54.000000Z"}, {"uuid": "62ed80cd-a9cf-4523-bb07-05507289219c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34185", "type": "seen", "source": "https://t.me/cibsecurity/45019", "content": "\u203c CVE-2022-34185 \u203c\n\nJenkins Date Parameter Plugin 0.0.4 and earlier does not escape the name and description of Date parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-23T20:36:06.000000Z"}, {"uuid": "093dd70f-bb7e-4773-8083-a0376c7e77e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34186", "type": "seen", "source": "https://t.me/cibsecurity/44994", "content": "\u203c CVE-2022-34186 \u203c\n\nJenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape the name and description of Moded Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-23T20:29:50.000000Z"}, {"uuid": "40bccd99-1bbb-4a72-8037-92e6fbd024b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34189", "type": "seen", "source": "https://t.me/cibsecurity/44990", "content": "\u203c CVE-2022-34189 \u203c\n\nJenkins Image Tag Parameter Plugin 1.10 and earlier does not escape the name and description of Image Tag parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-23T20:29:46.000000Z"}, {"uuid": "dfa8212d-7b32-438c-9925-866977fca854", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34188", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3m47yoaxmbbz2", "content": "", "creation_timestamp": "2025-10-28T03:34:14.795821Z"}]}