Get tailored security recommendations from our analyst team for CVE-2020-2161. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not properly escape node labels that are shown in the form validation for label expressions on job configuration pages, resulting in a stored XSS vulnerability exploitable by users able to define node labels.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Jenkins project

Jenkins

Affected Versions:

unspecified unspecified

References

https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1781

http://www.openwall.com/lists/oss-security/2020/03/25/2

Published: 2020-03-25T16:05:34

Last Modified: 2024-08-04T07:01:40.978Z

Copied to clipboard!

CVE-2020-2161

Expert Analysis