3 matches found
CVE-2020-2196
Jenkins Selenium Plugin 3.141.59 and earlier has no CSRF protection for its HTTP endpoints, allowing attackers to perform all administrative actions provided by the plugin...
CVE-2020-2196
The CVE concerns Jenkins Selenium Plugin (versions 3.141.59 and earlier) lacking CSRF protection on HTTP endpoints. The root cause is absence of CSRF protections, enabling an attacker to perform all administrative actions exposed by the plugin (e.g., restart grid hub, modify plugin configuration,...
CVE-2020-2196
Jenkins Selenium Plugin 3.141.59 and earlier has no CSRF protection for its HTTP endpoints, allowing attackers to perform all administrative actions provided by the plugin...