2 matches found
CVE-2020-2270
Jenkins ClearCase Release Plugin 0.3 and earlier does not escape the composite baseline in badge tooltip, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
CVE-2020-2270
CVE-2020-2270 affects the Jenkins ClearCase Release Plugin (versions 0.3 and earlier). The root cause is that the composite baseline in the badge tooltip is not escaped, causing a stored XSS vulnerability. Exploitation is feasible by attackers with Job/Configure permission. Remediation: upgrade t...