Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2020-2205
CVE-2020-2205
Jenkins VncRecorder Plugin 1.25 and earlier does not escape a tool path in the `checkVncServ` form validation endpoint, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by Jenkins administrators.
Published Feb 3, 2026
https://www.jenkins.io/security/advisory/2020-07-02/#SECURITY-1728%20(1)
CVSS Score
Medium
4.8
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
maven
org.jenkins-ci.plugins/vncrecorder
1.14
maven
org.jenkins-ci.plugins/vncrecorder
1.15
maven
org.jenkins-ci.plugins/vncrecorder
1.18
maven
org.jenkins-ci.plugins/vncrecorder
1.19
maven
org.jenkins-ci.plugins/vncrecorder
1.20
maven
org.jenkins-ci.plugins/vncrecorder
1.21
maven
org.jenkins-ci.plugins/vncrecorder
1.22
maven
org.jenkins-ci.plugins/vncrecorder
1.23
maven
org.jenkins-ci.plugins/vncrecorder
1.24
maven
org.jenkins-ci.plugins/vncrecorder
1.25
1-10 of 10
CVE-2020-2205 | Components Impacted | Sonatype Guide | Sonatype Guide
