2 matches found
CVE-2020-2184
A cross-site request forgery vulnerability in Jenkins CVS Plugin 2.15 and earlier allows attackers to create and manipulate tags, and to connect to an attacker-specified URL...
CVE-2020-2184
CVE-2020-2184 describes a CSRF vulnerability in Jenkins CVS Plugin (versions 2.15 and earlier). The issue arises because several HTTP endpoints do not require POST, allowing an attacker to trigger unauthorized actions such as creating/manipulating tags and connecting to an attacker-specified URL....