Description
Jenkins JSGames Plugin 0.2 and earlier evaluates part of a URL as code, resulting in a reflected cross-site scripting (XSS) vulnerability.
Remediation
References
http://www.openwall.com/lists/oss-security/2020/09/01/3
https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1905
Related Vulnerabilities
CVE-2020-2122 Vulnerability in maven package org.jenkins-ci.plugins:brakeman
CVE-2019-10796 Vulnerability in npm package rpi
CVE-2020-7641 Vulnerability in npm package grunt-util-property
CVE-2022-0528 Vulnerability in npm package @uppy/companion
CVE-2022-43421 Vulnerability in maven package org.jenkins-ci.plugins:tuleap-git-branch-source