CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-2265

Jenkins Coverage/Complexity Scatter Plot Plugin 1.1.1 and earlier does not escape the method information in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide report files to the plugin's post-build step.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.1%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

Products affected by CVE-2020-2265

Jenkins » Coverage/complexity Scatter Plot » Version: 1.0.0

cpe:2.3:a:jenkins:coverage/complexity_scatter_plot:1.0.0
Jenkins » Coverage/complexity Scatter Plot » Version: 1.0.1

cpe:2.3:a:jenkins:coverage/complexity_scatter_plot:1.0.1
Jenkins » Coverage/complexity Scatter Plot » Version: 1.0.2

cpe:2.3:a:jenkins:coverage/complexity_scatter_plot:1.0.2
Jenkins » Coverage/complexity Scatter Plot » Version: 1.1.0

cpe:2.3:a:jenkins:coverage/complexity_scatter_plot:1.1.0
Jenkins » Coverage/complexity Scatter Plot » Version: 1.1.1

cpe:2.3:a:jenkins:coverage/complexity_scatter_plot:1.1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-2265

Products

Pricing

Contact Us