FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

jenkins -- multiple vulnerabilities

Affected packages
jenkins <= 2.227
jenkins-lts <= 2.204.5

Details

VuXML ID 5bf6ed6d-9002-4f43-ad63-458f59e45384
Discovery 2020-03-25
Entry 2020-03-25

Jenkins Security Advisory:

Description

(High) SECURITY-1774 / CVE-2020-2160

CSRF protection for any URL could be bypassed

(Medium) SECURITY-1781 / CVE-2020-2161

Stored XSS vulnerability in label expression validation

(Medium) SECURITY-1793 / CVE-2020-2162

Stored XSS vulnerability in file parameters

(Medium) SECURITY-1796 / CVE-2020-2163

Stored XSS vulnerability in list view column headers

References

CVE Name CVE-2020-2160
CVE Name CVE-2020-2161
CVE Name CVE-2020-2162
CVE Name CVE-2020-2163
URL https://jenkins.io/security/advisory/2020-03-25/