VulnerableCode Package Details - pkg:maven/org.jenkins-ci.plugins.pipeline-stage-view/pipeline-stage-view@2.25

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/org.jenkins-ci.plugins.pipeline-stage-view/pipeline-stage-view@2.25

purl	pkg:maven/org.jenkins-ci.plugins.pipeline-stage-view/pipeline-stage-view@2.25

Next non-vulnerable version	2.27
Latest non-vulnerable version	2.27
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-rxtr-936k-h3cc Aliases: CVE-2022-43408 GHSA-g975-f26h-93g8	Jenkins Pipeline: Stage View Plugin allows CSRF protection bypass of any target URL in Jenkins Jenkins Pipeline: Stage View Plugin provides a visualization of Pipeline builds. It also allows users to interact with `input` steps from Pipeline: Input Step Plugin. Pipeline: Stage View Plugin 2.26 and earlier does not correctly encode the ID of `input` steps when using it to generate URLs to proceed or abort Pipeline builds. This allows attackers able to configure Pipelines to specify `input` step IDs resulting in URLs that would bypass the CSRF protection of any target URL in Jenkins. Pipeline: Stage View Plugin 2.27 correctly encodes the ID of `input` steps when using it to generate URLs to proceed or abort Pipeline builds.	2.27 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T16:03:47.294264+00:00	GHSA Importer	Affected by	VCID-rxtr-936k-h3cc	https://github.com/advisories/GHSA-g975-f26h-93g8	38.0.0