CVE-2020-2229

MEDIUM

Jenkins < 2.235.3 and < 2.251 - Stored Cross-Site Scripting via Help Icon Tooltip


Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-2229. PoCs published by gx1.

AI-analyzed exploit summary: This exploit demonstrates a stored XSS vulnerability in Jenkins versions <= 2.251 and LTS <= 2.235.3 by injecting malicious JavaScript into the tooltip attribute of an svgIcon element. The PoC requires plugin upload access to inject the payload.

Description

Jenkins 2.251 and earlier and LTS 2.235.3 and earlier do not escape the tooltip content of help icons, resulting in a stored cross-site scripting (XSS) vulnerability.

Exploits (1)

exploitdb · WORKING POC
by gx1 · text · webapps · java
https://www.exploit-db.com/exploits/49232


Classification
Working PoC (90%)
Attack Type: XSS
Complexity: Moderate
Reliability: Reliable
Target: Jenkins <= 2.251 and LTS <= 2.235.3
Auth required
Prerequisites: Access to upload Jenkins plugins · Plugin containing malicious svgIcon element
devstral-2 · analyzed Feb 16, 2026

References (3)

Mailing List, Third Party Advisory
http://www.openwall.com/lists/oss-security/2020/08/12/4
Exploit, Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/160443/Jenkins-2.235.3-Cross-Site-Scripting.html

Scores

CVSS v3 5.4
EPSS 0.0677
EPSS Percentile 93.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (3)
jenkins/jenkins < 2.235.3
jenkins/jenkins < 2.251
org.jenkins-ci.main/jenkins-core 0 - 2.235.4 (Maven)
Published Aug 12, 2020
Tracked Since Feb 18, 2026