2 matches found
CVE-2020-2243
Jenkins Cadence vManager Plugin 3.0.4 and earlier does not escape build descriptions in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Run/Update permission...
CVE-2020-2243
Jenkins Cadence vManager Plugin 3.0.4 and earlier is affected by CVE-2020-2243: it does not escape build descriptions in tooltips, causing a stored XSS vulnerability that can be exploited by attackers with Run/Update permission. Several connected sources confirm the issue and note that Cadence vM...