2 matches found
CVE-2020-2216
A missing permission check in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified username and password...
CVE-2020-2216
Affected software: Jenkins Zephyr for JIRA Test Management Plugin, versions 1.5 and earlier.Root cause: Missing permission checks allow an attacker with Overall/Read to cause the plugin to connect to an attacker-controlled HTTP server using attacker-specified username/password.Impact: Authenticat...