CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Jenkins: >> Fitnesse >> 1.31 Security Vulnerabilities

CVE-2020-2175

Jenkins FitNesse Plugin 1.31 and earlier does not correctly escape report contents before showing them on the Jenkins UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users able to control the XML input files processed by the plugin.

CVSS Score

5.4

EPSS Score

0.002

Published

2020-04-07

Page 1

Vulnerabilities

Vulnerable Software

Jenkins: >> Fitnesse >> 1.31 Security Vulnerabilities

Products

Pricing

Contact Us