CVE-2020-2116
CVE-2020-2116 describes a CSRF flaw in Jenkins Pipeline GitHub Notify Step Plugin (versions 1.0.4 and earlier). The vulnerability allows an attacker to cause Jenkins to connect to an attacker‑controlled URL using attacker‑provided credentials IDs, potentially exposing stored credentials. Root cau...