2 matches found
CVE-2020-2090
The CVE-2020-2090 entry pertains to a CSRF vulnerability in Jenkins Amazon EC2 Plugin (versions 1.47 and earlier). The root cause is that form validation methods did not perform permission checks, allowing users with Overall/Read access to Jenkins to connect to an attacker-specified URL within th...
CVE-2020-2090
A cross-site request forgery vulnerability in Jenkins Amazon EC2 Plugin 1.47 and earlier allows attackers to connect to an attacker-specified URL within the AWS region using attacker-specified credentials IDs obtained through another method...