CVE-2020-2106
CVE-2020-2106 affects Jenkins Code Coverage API Plugin (versions ≤ 1.1.2). The vulnerability is a stored XSS: the plugin does not escape the coverage report filename in its view, enabling a user who can modify a Jenkins job configuration to inject malicious script. Exploitation context is restric...