CVE-2020-2193

Summary

Jenkins ECharts API Plugin 4.7.0-3 and earlier does not escape the parser identifier when rendering charts, resulting in a stored cross-site scripting vulnerability.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins ECharts API Pluginunspecified <= 4.7.0-3affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References