CVE-2020-2173

Published: 2020-04-07T13:15Z

Last Modified: 2024-11-21T05:24Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Jenkins Gatling Plugin 1.2.7 and earlier prevents Content-Security-Policy headers from being set for Gatling reports served by the plugin, resulting in an XSS vulnerability exploitable by users able to change report content. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt