CVE-2020-2259

Cross-site Scripting in maven/jenkins.ci.plugins.computerqueue/computer-queue-plugin

Identifiers

CVE-2020-2259

Package Slug

maven/jenkins.ci.plugins.computerqueue/computer-queue-plugin

Vulnerability

Cross-site Scripting

Description

Jenkins computer-queue-plugin Plugin does not escape the agent name in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Agent/Configure permission.

Affected Versions

All versions up to 1.5

Solution

Unfortunately, there is no solution available yet.

Last Modified

2020-09-17

source