Vulnerabilities

CVE-2020-2317

by Fred · 04/11/2020

Jenkins FindBugs Plugin 5.0.0 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide report files to Jenkins FindBugs Plugin’s post build step.

Date published : 2020-11-04

https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-1918

http://www.openwall.com/lists/oss-security/2020/11/04/6

Similar

Tags: Cybersecurity Alert