Description

REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks.

Remediation

References

CVE-2020-2105

Related Vulnerabilities

PHP Out-of-bounds Read Vulnerability (CVE-2019-11041)

MySQL CVE-2021-2146 Vulnerability (CVE-2021-2146)

Ruby CVE-2019-15845 Vulnerability (CVE-2019-15845)

WordPress Plugin Caldera Forms-More Than Contact Forms Cross-Site Scripting (1.4.1)

WordPress Plugin WordPress Simple Shopping Cart Cross-Site Scripting (4.6.1)

Severity

Medium

Classification

CVE-2020-2105 CWE-1021 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities