CVE-2020-2201 is a vulnerability in Jenkins Sonargraph Integration
Published on July 2, 2020
Jenkins Sonargraph Integration Plugin 3.0.0 and earlier does not escape the file path for the Log file field form validation, resulting in a stored cross-site scripting vulnerability.
Products Associated with CVE-2020-2201
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-2201 are published in Jenkins Sonargraph Integration:
Affected Versions
Jenkins project Jenkins Sonargraph Integration Plugin:- Version unspecified, <= 3.0.0 is affected.
Exploit Probability
EPSS
0.09%
Percentile
25.36%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.