CVE-2020-2194

Jenkins ECharts API Plugin 4.7.0-3 and earlier does not escape the display name of the builds in the trend chart, resulting in a stored cross-site scripting vulnerability. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt