CVE-2020-2091
CVE-2020-2091 concerns the Jenkins Amazon EC2 Plugin (versions 1.47 and earlier). A missing permission check in form validation allows users with Overall/Read access to connect to an attacker-specified URL in the AWS region using attacker-specified credentials IDs obtained via another method. The...