Lucene search
K

4 matches found

OpenVAS
OpenVAS
added 2020/03/26 12:0 a.m.53 views

Jenkins < 2.228, < 2.204.6 LTS Multiple Vulnerabilities - Windows

Jenkins is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS6AI score0.01993EPSS
Exploits0References1
OSV
OSV
added 2020/03/25 5:15 p.m.17 views

CVE-2020-2161

Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not properly escape node labels that are shown in the form validation for label expressions on job configuration pages, resulting in a stored XSS vulnerability exploitable by users able to define node labels...

5.4CVSS5.6AI score
Exploits0References2
Cvelist
Cvelist
added 2020/03/25 4:5 p.m.24 views

CVE-2020-2161

Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not properly escape node labels that are shown in the form validation for label expressions on job configuration pages, resulting in a stored XSS vulnerability exploitable by users able to define node labels...

6.6AI score0.01237EPSS
Exploits0References2
CVE
CVE
added 2020/03/25 4:5 p.m.163 views

CVE-2020-2161

CVE-2020-2161 affects Jenkins 2.227 and earlier, and LTS 2.204.5 and earlier. It is a stored XSS cause by improper escaping of node labels shown in the form validation for label expressions on job configuration pages. The underlying issue is the failure to properly sanitize user-supplied node lab...

5.4CVSS5.4AI score0.01237EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder