CVE-2020-2096

2020-01-15T16:15:00
ID CVE-2020-2096
Type cve
Reporter jenkinsci-cert@googlegroups.com
Modified 2020-01-21T21:53:00

Description

Jenkins Gitlab Hook Plugin 1.4.2 and earlier does not escape project names in the build_now endpoint, resulting in a reflected XSS vulnerability.