3 matches found
CVE-2020-2200
Jenkins Play Framework Plugin 1.0.2 and earlier lets users specify the path to the play command on the Jenkins master for a form validation endpoint, resulting in an OS command injection vulnerability exploitable by users able to store such a file on the Jenkins master...
CVE-2020-2200
Jenkins Play Framework Plugin 1.0.2 and earlier lets users specify the path to the play command on the Jenkins master for a form validation endpoint, resulting in an OS command injection vulnerability exploitable by users able to store such a file on the Jenkins master...
CVE-2020-2200
CVE-2020-2200 concerns the Jenkins Play Framework Plugin (versions 1.0.2 and earlier). The issue arises when a form validation endpoint lets users specify the path to the play command on the Jenkins master, enabling an OS command injection vulnerability exploitable by users who can place a file o...