Vulnerability Details CVE-2020-2244
Jenkins Build Failure Analyzer Plugin 1.27.0 and earlier does not escape matching text in a form validation response, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers able to provide console output for builds used to test build log indications.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.1%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
Products affected by CVE-2020-2244
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.10.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.10.0-2
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.10.1
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.10.2
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.10.3
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.11.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.12.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.12.1
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.13.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.13.1
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.13.2
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.13.3
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.13.4
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.13.5
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.14.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.15.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.16.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.17.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.17.0-r2
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.17.1
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.17.2
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.18.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.18.1
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.19.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.19.1
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.19.2
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.2.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.20.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.21.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.22.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.23.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.23.1
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.23.2
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.24.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.24.1
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.24.2
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.25.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.25.1
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.26.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.27.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.3.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.4.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.4.1
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.5.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.5.1
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.6.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.7.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.8.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.8.1
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.9.0
-
cpe:2.3:a:jenkins:build_failure_analyzer:1.9.1