CVE-2020-2270 – Jenkins ClearCase Release Plugin 0.3 and earlier does not escape the composite baseline in …

Vuln ID: CVE-2020-2270

Published:  2020-09-16  14:15:14Z

Description: Jenkins ClearCase Release Plugin 0.3 and earlier does not escape the composite baseline in badge tooltip, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.

Source: NVD.NIST.GOV