Vulnerability Details CVE-2020-2169
A form validation endpoint in Jenkins Queue cleanup Plugin 1.3 and earlier does not properly escape a query parameter displayed in an error message, resulting in a reflected XSS vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.8%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2020-2169
-
cpe:2.3:a:jenkins:queue_cleanup:1.0
-
cpe:2.3:a:jenkins:queue_cleanup:1.2
-
cpe:2.3:a:jenkins:queue_cleanup:1.3