Lucene search
Redhat.comRH:CVE-2020-2230HistorySep 03, 2020 - 5:19 a.m.
CVE-2020-2230
2020-09-0305:19:30
redhat.com
access.redhat.com
21
0.005 Low
EPSS
Percentile
76.6%
A flaw was found in Jenkins in versions prior to 2.251 and LTS 2.235.3. The project naming strategy description, displayed on item creation, is not properly escaped. This can result in a stored cross-site scripting (XSS) vulnerability exploitable by users with Overall/Manage permissions. The highest threat from this vulnerability is to data confidentiality and integrity.
Related
osv
osv
Jenkins Cross-site Scripting vulnerability in project naming strategy
2022-05-24 17:25:24
CVE-2020-2230
2020-08-12 14:15:13
BIT-jenkins-2020-2230
2024-03-06 11:04:36
cve
cve
CVE-2020-2230
2020-08-12 14:15:13
veracode
veracode
Cross-site Scripting (XSS)
2020-10-01 03:52:21
github
github
Jenkins Cross-site Scripting vulnerability in project naming strategy
2022-05-24 17:25:24
prion
prion
Cross site scripting
2020-08-12 14:15:00
cvelist
cvelist
CVE-2020-2230
2020-08-12 13:25:21
nvd
nvd
CVE-2020-2230
2020-08-12 14:15:13
exploitdb
exploitdb
Jenkins 2.235.3 - 'Description' Stored XSS
2020-12-11 00:00:00
packetstorm
packetstorm
Jenkins 2.235.3 Cross Site Scripting
2020-12-11 00:00:00
freebsd
freebsd
jenkins -- multiple vulnerabilities
2020-08-12 00:00:00
openvas
openvas
Jenkins < 2.252, < 2.235.4 Multiple XSS Vulnerabilities - Windows
2020-08-13 00:00:00
Jenkins < 2.252, < 2.235.4 Multiple XSS Vulnerabilities - Linux
2020-08-13 00:00:00
nessus
nessus
redhat
redhat