CVE-2020-2122
CVE-2020-2122 affects Jenkins Brakeman Plugin 0.12 and earlier. The stored XSS arises because values from parsed JSON are not escaped when rendering, allowing an attacker who can control the Brakeman post-build step input data to execute code in the browser. The advisory notes that upgrading to v...