CVE-2020-2093
published 2020-01-15CVE-2020-2093: A cross-site request forgery vulnerability in Jenkins Health Advisor by CloudBees Plugin 3.0 and earlier allows attackers to send an email with fixed content…
high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
A cross-site request forgery vulnerability in Jenkins Health Advisor by CloudBees Plugin 3.0 and earlier allows attackers to send an email with fixed content to an attacker-specified recipient.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | amazon_ec2_plugin | — | — |
| jenkins | health_advisor_by_cloudbees | <= 3.0 | — |
| jenkins | health_advisor_by_cloudbees_plugin | — | — |
| jenkins | redgate_sql_change_automation_plugin | — | — |
| jenkins | robot_framework_plugin | — | — |
| jenkins | sounds_plugin | — | — |
| jenkins_project | jenkins_health_advisor_by_cloudbees_plugin | unspecified – 3.0 | — |