CVE-2020-2111

Опубликовано: 12 фев. 2020

Источник: redhat

CVSS3: 5.4

Описание

Jenkins Subversion Plugin 2.13.0 and earlier does not escape the error message for the Project Repository Base URL field form validation, resulting in a stored cross-site scripting vulnerability.

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2020-2111
https://nvd.nist.gov/vuln/detail/CVE-2020-2111
https://jenkins.io/security/advisory/2020-02-12/#SECURITY-1725

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-79

https://bugzilla.redhat.com/show_bug.cgi?id=1819105jenkins-subversion-plugin: XSS in project repository base url

5.4 Medium

CVSS3

Связанные уязвимости

CVE-2020-2111

CVSS3: 5.4

nvd

почти 6 лет назад

Jenkins Subversion Plugin 2.13.0 and earlier does not escape the error message for the Project Repository Base URL field form validation, resulting in a stored cross-site scripting vulnerability.

GHSA-x3pr-fcgm-wjgc

CVSS3: 5.4

github

больше 3 лет назад

Subversion Plugin stored XSS vulnerability

5.4 Medium

CVSS3