CVE-2020-2184

CVE-2020-2184

EPSS 44.5%

A cross-site request forgery vulnerability in Jenkins CVS Plugin 2.15 and earlier allows attackers to create and manipulate tags, and to connect to an attacker-specified URL.

Productos afectados

Jenkins project · Jenkins CVS Plugin

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://jenkins.io/security/advisory/2020-05-06/#SECURITY-1094 http://www.openwall.com/lists/oss-security/2020/05/06/3