2 matches found
CVE-2020-2195
Jenkins Compact Columns Plugin 1.11 and earlier displays the unprocessed job description in tooltips, resulting in a stored cross-site scripting vulnerability that can be exploited by users with Job/Configure permission...
CVE-2020-2195
CVE-2020-2195 : The Jenkins Compact Columns Plugin (versions ≤ 1.11) stores unprocessed job descriptions in tooltips, causing a stored XSS vulnerability exploitable by users with Job/Configure permission. The issue is fixed in version 1.12 as per advisories; upgrade to 1.12+ to mitigate. Other co...