Identifier

CVE-2020-2224

Package Slug

maven/org.jenkins-ci.plugins/matrix-project

Vulnerability

Cross-site Scripting

Description

Jenkins Matrix Project Plugin does not escape the node names shown in tooltips on the overview page of builds with a single axis, resulting in a stored cross-site scripting vulnerability.

Affected Versions

All versions up to 1.16

Solution

Upgrade to version 1.17 or above.

Last Modified

2020-07-23

source