CVE-2020-2194

Summary

Jenkins ECharts API Plugin 4.7.0-3 and earlier does not escape the display name of the builds in the trend chart, resulting in a stored cross-site scripting vulnerability.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins ECharts API Pluginunspecified <= 4.7.0-3affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References