Published: 12/08/2020 Updated: 02/11/2023

CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8

CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3

VMScore: 312

Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Jenkins 2.251 and previous versions, LTS 2.235.3 and previous versions does not escape the project naming strategy description, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users with Overall/Manage permission.

Vulnerable Product	Search on Vulmon	Subscribe to Product
jenkins jenkins

Synopsis Important: OpenShift Container Platform 4427 openshift-jenkins-2-container security update Type/Severity Security Advisory: Important Topic An update for openshift-jenkins-2-container is now available for Red Hat OpenShift Container Platform 44Red Hat Product Security has rated this update as h ...

Synopsis Important: OpenShift Container Platform 4513 jenkins security update Type/Severity Security Advisory: Important Topic An update for jenkins is now available for Red Hat OpenShift Container Platform 45Red Hat Product Security has rated this update as having a security impact of Important A Comm ...

Synopsis Important: OpenShift Container Platform 311306 jenkins security update Type/Severity Security Advisory: Important Topic An update for jenkins is now available for Red Hat OpenShift Container Platform 311Red Hat Product Security has rated this update as having a security impact of Important A C ...

Jenkins version 22353 suffers from multiple persistent cross site scripting vulnerabilities ...

CWE-79 https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1957 http://www.openwall.com/lists/oss-security/2020/08/12/4 http://packetstormsecurity.com/files/160443/Jenkins-2.235.3-Cross-Site-Scripting.html https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2020:4220

CVE-2020-2230

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect