CVE-2020-2207

Summary

Jenkins VncViewer Plugin 1.7 and earlier does not escape a parameter value in the checkVncServ form validation endpoint, resulting in a reflected cross-site scripting (XSS) vulnerability.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins VncViewer Pluginunspecified <= 1.7affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References