CVE-2020-2196

Summary

Jenkins Selenium Plugin 3.141.59 and earlier has no CSRF protection for its HTTP endpoints, allowing attackers to perform all administrative actions provided by the plugin.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Selenium Pluginunspecified <= 3.141.59affected
Jenkins projectJenkins Selenium Pluginnext of 3.141.59 < unspecifiedunknown

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References