CVE-2020-2265

Name of the Vulnerable Software and Affected Versions Jenkins Coverage/Complexity Scatter Plot Plugin versions 1.1.1 and earlier

Description The issue results in a stored cross-site scripting (XSS) vulnerability. This occurs because the plugin does not escape the method information in tooltips, making it exploitable by attackers who can provide report files to the plugin's post-build step.

Recommendations For Jenkins Coverage/Complexity Scatter Plot Plugin versions 1.1.1 and earlier, update to a version that fixes the stored cross-site scripting vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.