Jenkins Audit Trail vulnerabilities

CVE-2020-2288 [MEDIUM] CVE-2020-2288: In Jenkins Audit Trail Plugin 3.6 and earlier, the default regular expression pattern could be bypas In Jenkins Audit Trail Plugin 3.6 and earlier, the default regular expression pattern could be bypassed in many cases by adding a suffix to the URL that would be ignored during request handling.

CVE-2020-2140 [MEDIUM] CWE-79 CVE-2020-2140: Jenkins Audit Trail Plugin 3.2 and earlier does not escape the error message for the URL Patterns fi Jenkins Audit Trail Plugin 3.2 and earlier does not escape the error message for the URL Patterns field form validation, resulting in a reflected cross-site scripting vulnerability.