Skip to main content

Zap Pipeline

1 CVEs product

Monthly

CVE-2020-2214 Maven MEDIUM PATCH This Month

Jenkins ZAP Pipeline Plugin 1.9 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Zap Pipeline
NVD
CVSS 3.1
5.4
EPSS
0.7%
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Jenkins ZAP Pipeline Plugin 1.9 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Zap Pipeline
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy