2 matches found
CVE-2020-2137
Jenkins Timestamper Plugin 1.11.1 and earlier does not sanitize HTML formatting of its output, resulting in a stored XSS vulnerability exploitable by attackers with Overall/Administer permission...
CVE-2020-2137
Summary (CVE-2020-2137) : The Jenkins Timestamper Plugin (versions ≤ 1.11.1) is affected by a stored XSS due to lack of HTML sanitization in its output. This vulnerability can be exploited by users with Overall/Administer permission to inject HTML into build timestamps. The issue is mitigated by ...