返回 CVE 浏览器

CVE-2020-2224

MEDIUM

5.4

CVSS Severity Score

EPSS Score0.1420%

EPSS Percentile37.64th

Published2020年7月15日

Last Modified2024年11月21日

Vulnerability Description

Jenkins Matrix Project Plugin 1.16 and earlier does not escape the node names shown in tooltips on the overview page of builds with a single axis, resulting in a stored cross-site scripting vulnerability.

Affected Platforms (CPE)

📦

Jenkins

Matrix Project

<= 1.16

References & Advisories

🔗 http://www.openwall.com/lists/oss-security/2020/07/15/5

🔗 https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1924

🔗 http://www.openwall.com/lists/oss-security/2020/07/15/5

🔗 https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1924

相关漏洞威胁

CVE-2019-10030319.9

A sandbox bypass vulnerability exists in Jenkins Matrix Project Plugin 1.13 and earlier in pom.xml, src/main/java/hudson/matrix/Fi...

CVE-2020-22255.4

Jenkins Matrix Project Plugin 1.16 and earlier does not escape the axis names shown in tooltips on the overview page of builds wit...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...