3 matches found
CVE-2020-2260
A missing permission check in Jenkins Perfecto Plugin 1.17 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL using attacker-specified credentials...
CVE-2020-2260
A missing permission check in Jenkins Perfecto Plugin 1.17 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL using attacker-specified credentials...
CVE-2020-2260
CVE-2020-2260 affects Jenkins Perfecto Plugin (versions 1.17 and earlier). A missing permission check in the connection-test method allows attackers with Overall/Read to connect to an attacker-specified HTTP URL using attacker-specified credentials, exposing potential abuse. Public advisories (GH...