CVE-2020-2161 – Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not properly escape node labels th …

Vuln ID: CVE-2020-2161

Published:  2020-03-25  17:15:15Z

Description: Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not properly escape node labels that are shown in the form validation for label expressions on job configuration pages, resulting in a stored XSS vulnerability exploitable by users able to define node labels.

Source: NVD.NIST.GOV

 

Tags