Description

REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks.

Remediation

References

CVE-2020-2105

Related Vulnerabilities

LimeSurvey Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-7556)

Lighttpd Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4559)

phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-35708)

OpenSSL Other Vulnerability (CVE-2015-0209)

WordPress Plugin Simple Feature Requests Free Unspecified Vulnerability (1.0.4)

Severity

Medium

Classification

CVE-2020-2105 CWE-1021 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities