CVE-2020-2111

Sažetak

Jenkins Subversion Plugin 2.13.0 and earlier does not escape the error message for the Project Repository Base URL field form validation, resulting in a stored cross-site scripting vulnerability.

Reference

https://jenkins.io/security/advisory/2020-02-12/#SECURITY-1725
http://www.openwall.com/lists/oss-security/2020/02/12/3

CVSS

Base:	3.5
Impact:	2.9
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:S/C:N/I:P/A:N

Zadnje važnije ažuriranje

25-10-2023 - 18:16

Objavljeno

12-02-2020 - 15:15