CVE-2020-2269

Cross-site Scripting in maven/org.jenkins-ci.plugins/chosen-views-tabbar

Identifiers

CVE-2020-2269

Package Slug

maven/org.jenkins-ci.plugins/chosen-views-tabbar

Vulnerability

Cross-site Scripting

Description

Jenkins chosen-views-tabbar Plugin does not escape view names in the dropdown to select views, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with the ability to configure views.

Affected Versions

All versions up to 1.2

Solution

Unfortunately, there is no solution available yet.

Last Modified

2020-09-17

source