CVE-2020-2230
- Reference to the description:
- Description:
- Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the project naming strategy description, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users with Overall/Manage permission.
- Last updated date:
- 11/02/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 10/05/2022
- Reference url to background
http://packetstormsecurity.com/files/160443/Jenkins-2.235.3-Cross-Site-Scripting.html