2 matches found
CVE-2020-2246
Jenkins Valgrind Plugin 0.28 and earlier does not escape content in Valgrind XML reports, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control Valgrind XML report contents...
CVE-2020-2246
CVE-2020-2246 affects Jenkins Valgrind Plugin 0.28 and earlier. The vulnerability arises because the plugin does not escape content in Valgrind XML reports, enabling stored cross-site scripting (XSS) if an attacker can control the Valgrind report contents. Connected sources corroborate the same d...