Jenkins Project Jenkins Database Plugin vulnerabilities

CVE-2020-2241 [HIGH] CWE-352 CVE-2020-2241: A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to connect to an attacker-specified database server using attacker-specified credentials.

CVE-2020-2240 [HIGH] CWE-352 CVE-2020-2240: A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to execute arbitrary SQL scripts.

CVE-2020-2242 [MEDIUM] CWE-862 CVE-2020-2242: A missing permission check in Jenkins database Plugin 1.6 and earlier allows attackers with Overall/ A missing permission check in Jenkins database Plugin 1.6 and earlier allows attackers with Overall/Read access to Jenkins to connect to an attacker-specified database server using attacker-specified credentials.