CVE-2020-2184

CVE-2020-2184

EPSS 44.5%

A cross-site request forgery vulnerability in Jenkins CVS Plugin 2.15 and earlier allows attackers to create and manipulate tags, and to connect to an attacker-specified URL.

Affected products

Jenkins project · Jenkins CVS Plugin

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://jenkins.io/security/advisory/2020-05-06/#SECURITY-1094 http://www.openwall.com/lists/oss-security/2020/05/06/3