Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3
CVE-2020-2215
- EPSS 0.43%
- Published 02.07.2020 15:15:18
- Last modified 21.11.2024 05:24:58
A cross-site request forgery vulnerability in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified username and password.
4.3
CVE-2020-2216
- EPSS 0.03%
- Published 02.07.2020 15:15:18
- Last modified 21.11.2024 05:24:59
A missing permission check in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified username and password.
5.5
CVE-2020-2154
- EPSS 0.02%
- Published 09.03.2020 16:15:14
- Last modified 21.11.2024 05:24:48
Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier stores its credentials in plain text in a global configuration file on the Jenkins master file system.
1