vulnerability

Red Hat OpenShift: CVE-2020-2136: jenkins-git-plugin: stored cross-site scripting

Severity
4
CVSS
(AV:N/AC:M/Au:S/C:N/I:P/A:N)
Published
Mar 9, 2020
Added
Dec 29, 2020
Modified
Apr 14, 2025

Description

Jenkins Git Plugin 4.2.0 and earlier does not escape the error message for the repository URL for Microsoft TFS field form validation, resulting in a stored cross-site scripting vulnerability.

Solution

linuxrpm-upgrade-jenkins-2-plugins
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.