CVE-2020-2225

Summary

Jenkins Matrix Project Plugin 1.16 and earlier does not escape the axis names shown in tooltips on the overview page of builds with multiple axes, resulting in a stored cross-site scripting vulnerability.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Matrix Project Pluginunspecified <= 1.16affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References