CVE-2020-2321

2020-12-0316:15:12

Google

osv.dev

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.1%

JSON

A cross-site request forgery (CSRF) vulnerability in Jenkins Shelve Project Plugin 3.0 and earlier allows attackers to shelve, unshelve, or delete a project.

CPENameOperatorVersion
shelve-project-plugineqshelve-project-plugin-3.0
shelve-project-plugineqshelve-project-plugin-2.1
shelve-project-plugineqshelve-project-plugin-2.4
shelve-project-plugineqshelve-project-plugin-3.0-alpha-1
shelve-project-plugineqshelve-project-plugin-2.5
shelve-project-plugineq1.4-release
shelve-project-plugineqshelve-project-plugin-2.2
shelve-project-plugineqshelve-project-plugin-1.3
shelve-project-plugineqshelve-project-plugin-1.4.4
shelve-project-plugineqshelve-project-plugin-1.2

Name	Operator	Version
shelve-project-plugin	eq	shelve-project-plugin-3.0
shelve-project-plugin	eq	shelve-project-plugin-2.1
shelve-project-plugin	eq	shelve-project-plugin-2.4
shelve-project-plugin	eq	shelve-project-plugin-3.0-alpha-1
shelve-project-plugin	eq	shelve-project-plugin-2.5
shelve-project-plugin	eq	1.4-release
shelve-project-plugin	eq	shelve-project-plugin-2.2
shelve-project-plugin	eq	shelve-project-plugin-1.3
shelve-project-plugin	eq	shelve-project-plugin-1.4.4
shelve-project-plugin	eq	shelve-project-plugin-1.2