Vulnerabilities (CVE)

Filtered by vendor Jenkins Subscribe

Filtered by product Matrix Project

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-20615	2 Jenkins, Oracle	2 Matrix Project, Communications Cloud Native Core Automated Test Suite	2023-11-22	3.5 LOW	5.4 MEDIUM
Jenkins Matrix Project Plugin 1.19 and earlier does not escape HTML metacharacters in node and label names, and label descriptions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Agent/Configure permission.
CVE-2020-2224	1 Jenkins	1 Matrix Project	2020-07-21	3.5 LOW	5.4 MEDIUM
Jenkins Matrix Project Plugin 1.16 and earlier does not escape the node names shown in tooltips on the overview page of builds with a single axis, resulting in a stored cross-site scripting vulnerability.
CVE-2020-2225	1 Jenkins	1 Matrix Project	2020-07-21	3.5 LOW	5.4 MEDIUM
Jenkins Matrix Project Plugin 1.16 and earlier does not escape the axis names shown in tooltips on the overview page of builds with multiple axes, resulting in a stored cross-site scripting vulnerability.