Skip to main content

Vncrecorder

2 CVEs product

Monthly

CVE-2020-2206 Maven MEDIUM PATCH This Month

Jenkins VncRecorder Plugin 1.25 and earlier does not escape a parameter value in the checkVncServ form validation endpoint, resulting in a reflected cross-site scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Jenkins Vncrecorder
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2020-2205 Maven MEDIUM PATCH This Month

Jenkins VncRecorder Plugin 1.25 and earlier does not escape a tool path in the `checkVncServ` form validation endpoint, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Vncrecorder
NVD
CVSS 3.1
4.8
EPSS
0.7%
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Jenkins VncRecorder Plugin 1.25 and earlier does not escape a parameter value in the checkVncServ form validation endpoint, resulting in a reflected cross-site scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Jenkins Vncrecorder
NVD
EPSS 1% CVSS 4.8
MEDIUM PATCH This Month

Jenkins VncRecorder Plugin 1.25 and earlier does not escape a tool path in the `checkVncServ` form validation endpoint, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Vncrecorder
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy