https://vulnerability.circl.lu/sightings/feed 2026-05-10T15:49:59.335149+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/085c27a4-09b4-469d-8297-b96b99342a02/export 2026-05-10T15:49:59.685541+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "085c27a4-09b4-469d-8297-b96b99342a02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28159", "type": "seen", "source": "https://t.me/cibsecurity/39724", "content": "\u203c CVE-2022-28159 \u203c\n\nJenkins Tests Selector Plugin 1.3.3 and earlier does not escape the Properties File Path option for Choosing Tests parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-29T16:41:12.000000Z"} 2022-03-29T16:41:12+00:00 https://vulnerability.circl.lu/sighting/d340d7eb-a85c-4976-b196-4836d3abc642/export 2026-05-10T15:49:59.685477+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "d340d7eb-a85c-4976-b196-4836d3abc642", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28158", "type": "seen", "source": "https://t.me/cibsecurity/39729", "content": "\u203c CVE-2022-28158 \u203c\n\nA missing permission check in Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-29T16:41:19.000000Z"} 2022-03-29T16:41:19+00:00 https://vulnerability.circl.lu/sighting/2cd76786-a5f9-4c5b-a8e1-364de2583bd8/export 2026-05-10T15:49:59.685398+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "2cd76786-a5f9-4c5b-a8e1-364de2583bd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28152", "type": "seen", "source": "https://t.me/cibsecurity/39730", "content": "\u203c CVE-2022-28152 \u203c\n\nA cross-site request forgery (CSRF) vulnerability in Jenkins Job and Node ownership Plugin 0.13.0 and earlier allows attackers to restore the default ownership of a job.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-29T16:41:20.000000Z"} 2022-03-29T16:41:20+00:00 https://vulnerability.circl.lu/sighting/9bf8d4bc-ae17-45db-adf7-aff09e4e3f01/export 2026-05-10T15:49:59.685331+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "9bf8d4bc-ae17-45db-adf7-aff09e4e3f01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28155", "type": "seen", "source": "https://t.me/cibsecurity/39738", "content": "\u203c CVE-2022-28155 \u203c\n\nJenkins Pipeline: Phoenix AutoTest Plugin 1.3 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-29T16:41:34.000000Z"} 2022-03-29T16:41:34+00:00 https://vulnerability.circl.lu/sighting/e02d7dc9-0ea7-4690-b216-d0e933b1d64d/export 2026-05-10T15:49:59.685257+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "e02d7dc9-0ea7-4690-b216-d0e933b1d64d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28153", "type": "seen", "source": "https://t.me/cibsecurity/39739", "content": "\u203c CVE-2022-28153 \u203c\n\nJenkins SiteMonitor Plugin 0.6 and earlier does not escape URLs of sites to monitor in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-29T16:41:35.000000Z"} 2022-03-29T16:41:35+00:00 https://vulnerability.circl.lu/sighting/772ab57f-05a3-4466-870a-dd56f7e95dba/export 2026-05-10T15:49:59.685155+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "772ab57f-05a3-4466-870a-dd56f7e95dba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28154", "type": "seen", "source": "https://t.me/cibsecurity/39742", "content": "\u203c CVE-2022-28154 \u203c\n\nJenkins Coverage/Complexity Scatter Plot Plugin 1.1.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-29T16:41:37.000000Z"} 2022-03-29T16:41:37+00:00 https://vulnerability.circl.lu/sighting/c9d4804a-f8d3-4708-a843-2d6e62794fbe/export 2026-05-10T15:49:59.682321+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "c9d4804a-f8d3-4708-a843-2d6e62794fbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2815", "type": "seen", "source": "https://t.me/cibsecurity/56508", "content": "\u203c CVE-2022-2815 \u203c\n\nInsecure Storage of Sensitive Information in GitHub repository publify/publify prior to 9.2.10.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-14T16:37:05.000000Z"} 2023-01-14T16:37:05+00:00