Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:30 p.m.13 views

CVE-2020-2317

Jenkins FindBugs Plugin 5.0.0 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to Jenkins FindBugs Plugin's post build step...

5.4CVSS5.4AI score0.00852EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/24 5:33 p.m.6 views

com.groupon.jenkins-ci.plugins:DotCi-Plugins-Starter-Pack (>=1.7.2 <=1.8.2), com.groupon.jenkins.plugins:DotCi-Plugins-Starter-Pack (>=1.0.0 <=1.7.1) potentially affected by CVE-2020-2317 via org.jvnet.hudson.plugins:findbugs (>=4.51 <=4.62)

org.jvnet.hudson.plugins:findbugs MAVEN version =4.51, =1.7.2, =1.0.0, =1.7.1 Source cves: CVE-2020-2317 Source advisory: OSV:GHSA-24G8-35X9-FV8R...

5.4CVSS6AI score0.00852EPSS
Exploits0
NVD
NVD
added 2020/11/04 3:15 p.m.35 views

CVE-2020-2317

Jenkins FindBugs Plugin 5.0.0 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to Jenkins FindBugs Plugin's post build step...

5.4CVSS5.2AI score0.00852EPSS
Exploits0References1
CVE
CVE
added 2020/11/04 2:35 p.m.80 views

CVE-2020-2317

The CVE-2020-2317 entry describes a stored XSS vulnerability in Jenkins FindBugs Plugin, affecting version 5.0.0 and earlier. The root cause is that the plugin does not escape the annotation message shown in tooltips, enabling an attacker who can supply report files to the plugin’s post-build ste...

5.4CVSS5.2AI score0.00852EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder