CVE-2020-2225
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2020-2225
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-2225.json
- Aliases
- Published
- 2020-07-15T18:15:37Z
- Modified
- 2023-11-29T08:12:58.643301Z
- Details
-
Jenkins Matrix Project Plugin 1.16 and earlier does not escape the axis names shown in tooltips on the overview page of builds with multiple axes, resulting in a stored cross-site scripting vulnerability.
- References
Affected packages
Git / github.com/jenkinsci/matrix-project-plugin
Affected ranges
- Type
- GIT
- Repo
- https://github.com/jenkinsci/matrix-project-plugin
- Events
-
Introduced0The exact introduced commit is unknownLast affected
Affected versions
matrix-project-1.*
matrix-project-1.0
matrix-project-1.0-beta-1
matrix-project-1.1
matrix-project-1.10
matrix-project-1.11
matrix-project-1.12
matrix-project-1.13
matrix-project-1.14
matrix-project-1.15
matrix-project-1.16
matrix-project-1.2
matrix-project-1.3
matrix-project-1.4
matrix-project-1.5
matrix-project-1.6
matrix-project-1.7
matrix-project-1.7.1
matrix-project-1.8
matrix-project-1.9