Vulnerabilities > Jenkins > Findbugs > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-04 | CVE-2020-2317 | Cross-site Scripting vulnerability in Jenkins Findbugs Jenkins FindBugs Plugin 5.0.0 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide report files to Jenkins FindBugs Plugin's post build step. | 5.4 |