Lucene search
K

5 matches found

Github Security Blog
Github Security Blog
added 2022/05/24 5:30 p.m.27 views

Missing permission checks in Jenkins Maven Cascade Release Plugin

Jenkins Maven Cascade Release Plugin 1.3.2 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to start cascade builds and layout builds, and reconfigure the plugin...

6.5CVSS6.1AI score0.00808EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2020/10/08 1:15 p.m.24 views

CVE-2020-2295

A cross-site request forgery CSRF vulnerability in Jenkins Maven Cascade Release Plugin 1.3.2 and earlier allows attackers to start cascade builds and layout builds, and reconfigure the plugin...

6.5CVSS0.00538EPSS
Exploits0References2
OSV
OSV
added 2020/10/08 1:15 p.m.22 views

CVE-2020-2295

A cross-site request forgery CSRF vulnerability in Jenkins Maven Cascade Release Plugin 1.3.2 and earlier allows attackers to start cascade builds and layout builds, and reconfigure the plugin...

6.5CVSS6.7AI score
Exploits0References2
OSV
OSV
added 2020/10/08 1:15 p.m.14 views

CVE-2020-2294

Jenkins Maven Cascade Release Plugin 1.3.2 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to start cascade builds and layout builds, and reconfigure the plugin...

6.5CVSS6.6AI score
Exploits0References2
Prion
Prion
added 2020/10/08 1:15 p.m.17 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins Maven Cascade Release Plugin 1.3.2 and earlier allows attackers to start cascade builds and layout builds, and reconfigure the plugin...

4.3CVSS6.4AI score0.00538EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder