Description
A cross-site request forgery (CSRF) vulnerability in Jenkins Lockable Resources Plugin 2.8 and earlier allows attackers to reserve, unreserve, unlock, and reset resources.
Remediation
References
http://www.openwall.com/lists/oss-security/2020/09/23/1
https://www.jenkins.io/security/advisory/2020-09-23/#SECURITY-1958
Related Vulnerabilities
CVE-2020-28496 Vulnerability in maven package org.webjars.npm:three
CVE-2020-36381 Vulnerability in npm package aaptjs
CVE-2019-1003048 Vulnerability in maven package com.programmingresearch:prqa-plugin
CVE-2019-10313 Vulnerability in maven package org.jenkins-ci.plugins:twitter
CVE-2022-31129 Vulnerability in maven package org.webjars:momentjs