High severity 8.8 · NVD Advisory · Published Sep 1, 2020 · Updated Jun 17, 2026
CVE-2020-2240
Description
A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to execute arbitrary SQL scripts.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| org.jenkins-ci.plugins:database (Maven) | < 1.7 | 1.7 |
Affected products
- Range: unspecified
References
- www.openwall.com/lists/oss-security/2020/09/01/3 (nvd: Mailing List, Third Party Advisory; WEB)
- github.com/advisories/GHSA-jf9j-hx2j-m9xh (ghsa: ADVISORY)
- jenkins.io/security/advisory/2020-09-01/ (nvd: Vendor Advisory; WEB)
- nvd.nist.gov/vuln/detail/CVE-2020-2240 (ghsa: ADVISORY)
- github.com/jenkinsci/database-plugin/commit/a68258cf17ba8d5264010cc760770a62a3cc6c2d (ghsa: WEB)
News mentions
- Jenkins Security Advisory 2020-09-01 · Jenkins Security Advisories · Sep 1, 2020