GHSA-7hf3-h28p-q6gx

GitHub Security Advisory

Reflected XSS vulnerability in Jenkins JSGames Plugin

✓ GitHub Reviewed HIGH Has CVE

Jenkins JSGames Plugin 0.2 and earlier evaluates part of a URL as code, resulting in a reflected cross-site scripting (XSS) vulnerability.

Maven org.jenkins-ci.plugins:jsgames

Affected versions: 0 (last affected: 0.2)

CVE-2020-2248

GHSA ID

GHSA-7hf3-h28p-q6gx

Published

May 24, 2022 5:27 PM

Last Modified

December 20, 2022 10:39 PM

CVSS Score

7.5 /10

Primary Ecosystem

Maven

Primary Package

org.jenkins-ci.plugins:jsgames

GitHub Reviewed

✓ Yes

Last updated: August 25, 2025 6:33 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.