GHSA-RFRQ-3V89-FQG6 Reflected XSS in Jenkins Compatibility Action Storage Plugin

Jenkins Compatibility Action Storage Plugin 1.0 and earlier does not escape the content coming from the MongoDB in the testConnection form validation endpoint, resulting in a reflected cross-site scripting XSS vulnerability...

CloudBees Jenkins Compatibility Action Storage Plugin Cross-Site Scripting Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Compatibility Action Storage Plugin is used i...

CVE-2020-2217

The CVE-2020-2217 issue affects Jenkins Compatibility Action Storage Plugin versions 1.0 and earlier. The root cause is that the plugin does not escape content coming from MongoDB in the testConnection form validation endpoint, leading to a reflected XSS vulnerability. Impact is reflected XSS as ...