Jenkins Project Jenkins Matrix Authorization Strategy Plugin vulnerabilities
2 known vulnerabilities affecting jenkins_project/jenkins_matrix_authorization_strategy_plugin.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2021-21623MEDIUMCVSS 6.5≥ unspecified, ≤ 2.6.52021-03-18
CVE-2021-21623 [MEDIUM] CWE-863 CVE-2021-21623: An incorrect permission check in Jenkins Matrix Authorization Strategy Plugin 2.6.5 and earlier allo
An incorrect permission check in Jenkins Matrix Authorization Strategy Plugin 2.6.5 and earlier allows attackers with Item/Read permission on nested items to access them, even if they lack Item/Read permission for parent folders.
nvd
CVE-2020-2226MEDIUMCVSS 5.4≥ unspecified, ≤ 2.6.12020-07-15
CVE-2020-2226 [MEDIUM] CWE-79 CVE-2020-2226: Jenkins Matrix Authorization Strategy Plugin 2.6.1 and earlier does not escape user names shown in t
Jenkins Matrix Authorization Strategy Plugin 2.6.1 and earlier does not escape user names shown in the configuration, resulting in a stored cross-site scripting vulnerability.
nvd