High severity8.8NVD Advisory· Published Sep 1, 2020· Updated Jun 17, 2026
CVE-2020-2241
CVE-2020-2241
Description
A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to connect to an attacker-specified database server using attacker-specified credentials.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.jenkins-ci.plugins:databaseMaven | < 1.7 | 1.7 |
Affected products
2- Range: unspecified
Patches
Vulnerability mechanics
References
5- www.openwall.com/lists/oss-security/2020/09/01/3nvdMailing ListThird Party AdvisoryWEB
- github.com/advisories/GHSA-9rvw-7mx7-h53xghsaADVISORY
- jenkins.io/security/advisory/2020-09-01/nvdVendor AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2020-2241ghsaADVISORY
- github.com/jenkinsci/database-plugin/commit/7a438d96897af0034cb2e06db0819ca4595c24cbghsaWEB
News mentions
1- Jenkins Security Advisory 2020-09-01Jenkins Security Advisories · Sep 1, 2020