Security Advisory

CVE-2020-2317

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-11-04 14:35:44

Last updated 2024-08-04 07:09:54

Assigner jenkins

State PUBLISHED

Description

Jenkins FindBugs Plugin 5.0.0 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide report files to Jenkins FindBugs Plugins post build step.

← Browse all CVEs View on cve.org ↗