3 matches found
CVE-2020-2292
Jenkins Release Plugin 2.10.2 and earlier does not escape the release version in badge tooltip, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Release/Release permission...
CVE-2020-2292
CVE-2020-2292 affects Jenkins Release Plugin versions 2.10.2 and earlier. The root cause is failure to escape the release version in the badge tooltip, causing a stored XSS vulnerability exploitable by attackers with Release/Release permission. Mitigation: upgrade to a version later than 2.10.2 (...
CVE-2020-2292
Jenkins Release Plugin 2.10.2 and earlier does not escape the release version in badge tooltip, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Release/Release permission...