CVE-2020-2162

Published: 2020-03-25T17:15Z

Last Modified: 2024-11-21T05:24Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not set Content-Security-Policy headers for files uploaded as file parameters to a build, resulting in a stored XSS vulnerability. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt