EPSS Percentile: 33.0%
Jenkins is vulnerable to cross-site request forgery (CSRF). The vulnerability exists because Jenkins uses different representations of request URL paths, which allows attackers to craft URLs that bypass CSRF protection for any target URL.
www.openwall.com/lists/oss-security/2020/03/25/2
access.redhat.com/errata/RHBA-2020:2444
jenkins.io/security/advisory/2020-03-25/#SECURITY-1774