Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:13 p.m.10 views

CVE-2020-2256

Jenkins Pipeline Maven Integration Plugin 3.9.2 and earlier does not escape the upstream job's display name shown as part of a build cause, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...

5.4CVSS5.4AI score0.00735EPSS
Exploits0
NVD
NVD
added 2020/09/16 2:15 p.m.27 views

CVE-2020-2256

Jenkins Pipeline Maven Integration Plugin 3.9.2 and earlier does not escape the upstream job's display name shown as part of a build cause, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...

5.4CVSS0.00735EPSS
Exploits0References2
OSV
OSV
added 2020/09/16 2:15 p.m.21 views

CVE-2020-2256

Jenkins Pipeline Maven Integration Plugin 3.9.2 and earlier does not escape the upstream job's display name shown as part of a build cause, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...

5.4CVSS5.4AI score
Exploits0References2
Cvelist
Cvelist
added 2020/09/16 1:20 p.m.29 views

CVE-2020-2256

Jenkins Pipeline Maven Integration Plugin 3.9.2 and earlier does not escape the upstream job's display name shown as part of a build cause, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...

5.3AI score0.00735EPSS
Exploits0References2
CVE
CVE
added 2020/09/16 1:20 p.m.84 views

CVE-2020-2256

CVE-2020-2256 concerns Jenkins Pipeline Maven Integration Plugin evaluating upstream display names in build causes. The vulnerability affects version 3.9.2 and earlier, where the upstream job’s display name is not properly escaped, enabling a stored cross-site scripting (XSS) vulnerability. Explo...

5.4CVSS5.2AI score0.00735EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder