CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-2173

Jenkins Gatling Plugin 1.2.7 and earlier prevents Content-Security-Policy headers from being set for Gatling reports served by the plugin, resulting in an XSS vulnerability exploitable by users able to change report content.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 37.1%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

Products affected by CVE-2020-2173

Jenkins » Gatling » Version: 1.0.0

cpe:2.3:a:jenkins:gatling:1.0.0
Jenkins » Gatling » Version: 1.0.1

cpe:2.3:a:jenkins:gatling:1.0.1
Jenkins » Gatling » Version: 1.0.2

cpe:2.3:a:jenkins:gatling:1.0.2
Jenkins » Gatling » Version: 1.0.3

cpe:2.3:a:jenkins:gatling:1.0.3
Jenkins » Gatling » Version: 1.1.0

cpe:2.3:a:jenkins:gatling:1.1.0
Jenkins » Gatling » Version: 1.1.1

cpe:2.3:a:jenkins:gatling:1.1.1
Jenkins » Gatling » Version: 1.1.2

cpe:2.3:a:jenkins:gatling:1.1.2
Jenkins » Gatling » Version: 1.2.0

cpe:2.3:a:jenkins:gatling:1.2.0
Jenkins » Gatling » Version: 1.2.1

cpe:2.3:a:jenkins:gatling:1.2.1
Jenkins » Gatling » Version: 1.2.2

cpe:2.3:a:jenkins:gatling:1.2.2
Jenkins » Gatling » Version: 1.2.3

cpe:2.3:a:jenkins:gatling:1.2.3
Jenkins » Gatling » Version: 1.2.4

cpe:2.3:a:jenkins:gatling:1.2.4
Jenkins » Gatling » Version: 1.2.5

cpe:2.3:a:jenkins:gatling:1.2.5
Jenkins » Gatling » Version: 1.2.6

cpe:2.3:a:jenkins:gatling:1.2.6
Jenkins » Gatling » Version: 1.2.7

cpe:2.3:a:jenkins:gatling:1.2.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-2173

Products

Pricing

Contact Us