CVE-2020-2197
The vulnerability concerns the Jenkins Project Inheritance Plugin, affecting versions 21.04.03 and earlier (and specifically noted for 19.08.02 and earlier). Affected functionality via the API endpoint /job/…/getConfigAsXML does not enforce Job/ExtendedRead permission, allowing users with only Jo...