VYPR

Maven package

io.jenkins.plugins/echarts-api

pkg:maven/io.jenkins.plugins/echarts-api

Vulnerabilities (2)

  • CVE-2020-2194MedJun 3, 2020
    affected < 4.7.0-4fixed 4.7.0-4

    Jenkins ECharts API Plugin 4.7.0-3 and earlier does not escape the display name of the builds in the trend chart, resulting in a stored cross-site scripting vulnerability.

  • CVE-2020-2193MedJun 3, 2020
    affected < 4.7.0-4fixed 4.7.0-4

    Jenkins ECharts API Plugin 4.7.0-3 and earlier does not escape the parser identifier when rendering charts, resulting in a stored cross-site scripting vulnerability.