Every CVE whose affected-product data names Jenkins Git Parameter, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2025-53652 — CVSS 8.2 (high): Jenkins Git Parameter Plugin 439.vb_0e46ca_14534 and earlier does not validate that the Git parameter value submitted to the build matches…
CVE-2020-2112 — CVSS 5.4 (medium): Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the parameter name shown on the UI, resulting in a stored cross-site…
CVE-2020-2113 — CVSS 5.4 (medium): Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the default value shown on the UI, resulting in a stored cross-site…
CVE-2020-2238 — CVSS 5.4 (medium): Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page, resulting in a…
CVE-2022-29040 — CVSS 5.4 (medium): Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters…
CVE-2026-57286 — CVSS 4.3 (medium): A missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca_ and earlier allows attackers with Item/Read permission to…