CVE-2020-2287

Summary

Jenkins Audit Trail Plugin 3.6 and earlier applies pattern matching to a different representation of request URL paths than the Stapler web framework uses for dispatching requests, which allows attackers to craft URLs that bypass request logging of any target URL.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Audit Trail Pluginunspecified <= 3.6affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References