CVE-2020-2226

Summary

Jenkins Matrix Authorization Strategy Plugin 2.6.1 and earlier does not escape user names shown in the configuration, resulting in a stored cross-site scripting vulnerability.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Matrix Authorization Strategy Pluginunspecified <= 2.6.1affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References