CVE-2020-2294
CVE-2020-2294 affects Jenkins Maven Cascade Release Plugin (versions 1.3.2 and earlier). The root cause is missing permission checks on several HTTP endpoints, enabling users with Overall/Read to start cascade builds, layout builds, and reconfigure the plugin. Reported impact per sources includes...