2 matches found
CVE-2020-2217
Jenkins Compatibility Action Storage Plugin 1.0 and earlier does not escape the content coming from the MongoDB in the testConnection form validation endpoint, resulting in a reflected cross-site scripting XSS vulnerability...
CVE-2020-2217
The CVE-2020-2217 issue affects Jenkins Compatibility Action Storage Plugin versions 1.0 and earlier. The root cause is that the plugin does not escape content coming from MongoDB in the testConnection form validation endpoint, leading to a reflected XSS vulnerability. Impact is reflected XSS as ...