vulnerability

Jenkins Advisory 2020-03-25: CVE-2020-2169: Reflected XSS vulnerability in Queue cleanup Plugin

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:P/A:N)	Mar 25, 2020	Mar 27, 2020	Aug 11, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:P/A:N)

Published

Mar 25, 2020

Added

Mar 27, 2020

Modified

Aug 11, 2025

Description

A form validation endpoint in Jenkins Queue cleanup Plugin 1.3 and earlier does not properly escape a query parameter displayed in an error message, resulting in a reflected XSS vulnerability.

Solutions

jenkins-lts-upgrade-2_204_6jenkins-upgrade-2_228

References

CVE-2020-2169
https://attackerkb.com/topics/CVE-2020-2169
CWE-79
URL-https://jenkins.io/security/advisory/2020-03-25/

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today