Vulnerabilities > Jenkins > Validating String Parameter
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-09-16 | CVE-2020-2257 | Cross-site Scripting vulnerability in Jenkins Validating String Parameter Jenkins Validating String Parameter Plugin 2.4 and earlier does not escape various user-controlled fields, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission. | 5.4 |