CVE-2020-2268

CVE-2020-2268

EPSS 0.7%

A cross-site request forgery (CSRF) vulnerability in Jenkins MongoDB Plugin 1.3 and earlier allows attackers to gain access to some metadata of any arbitrary files on the Jenkins controller.

Produtos afetados

Jenkins project · Jenkins MongoDB Plugin

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1904 http://www.openwall.com/lists/oss-security/2020/09/16/3