Skip to main content

Compatibility Action Storage

1 CVEs product

Monthly

CVE-2020-2217 Maven MEDIUM This Month

Jenkins Compatibility Action Storage Plugin 1.0 and earlier does not escape the content coming from the MongoDB in the testConnection form validation endpoint, resulting in a reflected cross-site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Jenkins Compatibility Action Storage
NVD
CVSS 3.1
6.1
EPSS
0.7%
EPSS 1% CVSS 6.1
MEDIUM This Month

Jenkins Compatibility Action Storage Plugin 1.0 and earlier does not escape the content coming from the MongoDB in the testConnection form validation endpoint, resulting in a reflected cross-site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Jenkins Compatibility Action Storage
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy