Vulnerabilities
Vulnerable Software
Jenkins:  >> Jenkins  >> 2.222.4  Security Vulnerabilities
Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the upstream job's display name shown as part of a build cause, resulting in a stored cross-site scripting vulnerability.
CVSS Score
5.4
EPSS Score
0.011
Published
2020-07-15
Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the job name in the 'Keep this build forever' badge tooltip, resulting in a stored cross-site scripting vulnerability.
CVSS Score
5.4
EPSS Score
0.011
Published
2020-07-15
Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape correctly the 'href' attribute of links to downstream jobs displayed in the build console page, resulting in a stored cross-site scripting vulnerability.
CVSS Score
5.4
EPSS Score
0.01
Published
2020-07-15
Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the agent name in the build time trend page, resulting in a stored cross-site scripting vulnerability.
CVSS Score
5.4
EPSS Score
0.01
Published
2020-07-15


Contact Us

Shodan ® - All rights reserved