Vulnerabilities > Jenkins > YET Another Build Visualizer > 1.6

DATE	CVE	VULNERABILITY TITLE	RISK
2020-08-12	CVE-2020-2236	Cross-site Scripting vulnerability in Jenkins YET Another Build Visualizer Jenkins Yet Another Build Visualizer Plugin 1.11 and earlier does not escape tooltip content, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users with Run/Update permission. network low complexity jenkins CWE-79	5.4

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.