CVE-2020-2303

2020-11-0415:15:11

Google

osv.dev

jenkins

active directory

csrf

vulnerability

connection tests

attacker

credentials

security

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

26.7%

JSON

A cross-site request forgery (CSRF) vulnerability in Jenkins Active Directory Plugin 2.19 and earlier allows attackers to perform connection tests, connecting to attacker-specified or previously configured Active Directory servers using attacker-specified credentials.