2 matches found
CVE-2020-2316
Jenkins Static Analysis Utilities Plugin 1.96 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
CVE-2020-2316
The CVE-2020-2316 vulnerability affects Jenkins’ Static Analysis Utilities Plugin (versions 1.96 and earlier). The issue is a failure to escape the annotation message shown in tooltips, causing a stored cross-site scripting (XSS) vulnerability. Exploitation is possible by attackers who have Job/C...