VYPR
High severityNVD Advisory· Published Sep 1, 2020· Updated Aug 4, 2024

CVE-2020-2244

CVE-2020-2244

Description

Jenkins Build Failure Analyzer Plugin 1.27.0 and earlier does not escape matching text in a form validation response, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers able to provide console output for builds used to test build log indications.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzerMaven
< 1.27.11.27.1

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

1