5 matches found
CVE-2020-2266
Jenkins Description Column Plugin 1.3 and earlier does not escape the job description in the column tooltip, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
GHSA-QXRX-M6V6-M767 Stored XSS vulnerability in Description Column Plugin
Jenkins Description Column Plugin 1.3 and earlier does not escape the job description in the column tooltip, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
CVE-2020-2266
Jenkins Description Column Plugin 1.3 and earlier does not escape the job description in the column tooltip, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
Cross site scripting
Jenkins Description Column Plugin 1.3 and earlier does not escape the job description in the column tooltip, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
PT-2020-15491 · Jenkins · Jenkins Description Column Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Description Column Plugin versions 1.3 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability. This occurs because the job description in the column tooltip is not properly escaped. Attackers wit...