Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2020-2160

Disclosure Date: March 25, 2020 (last updated February 21, 2025)
Jenkins 2.227 and earlier, LTS 2.204.5 and earlier uses different representations of request URL paths, which allows attackers to craft URLs that allow bypassing CSRF protection of any target URL.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0