CVE-2020-2176
CVE-2020-2176 describes an XSS vulnerability in Jenkins with the useMango Runner Plugin 1.4 and earlier, where multiple form validation endpoints do not escape values received from the useMango service. This allows an attacker who can control returned values to execute scripts in a user’s browser...