CVE-2020-2269

Jenkins chosen-views-tabbar Plugin 1.2 and earlier does not escape view names in the dropdown to select views, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with the ability to configure views.

Published Feb 3, 2026

https://github.com/advisories/GHSA-226h-qrg4-8236

CVSS ScoreMedium

5.4

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2020-2269

Jenkins chosen-views-tabbar Plugin 1.2 and earlier does not escape view names in the dropdown to select views, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with the ability to configure views.

Published Feb 3, 2026

https://github.com/advisories/GHSA-226h-qrg4-8236

CVSS ScoreMedium

5.4


maven	org.jenkins-ci.plugins/chosen-views-tabbar	1.0
maven	org.jenkins-ci.plugins/chosen-views-tabbar	1.1
maven	org.jenkins-ci.plugins/chosen-views-tabbar	1.2

Ecosystem	Package	Version


maven	org.jenkins-ci.plugins/chosen-views-tabbar	1.0
maven	org.jenkins-ci.plugins/chosen-views-tabbar	1.1
maven	org.jenkins-ci.plugins/chosen-views-tabbar	1.2

Find vulnerabilities. Fix fast with AI.

CVE-2020-2269

CVE-2020-2269