Moderate severityNVD Advisory· Published Sep 16, 2020· Updated Aug 4, 2024
CVE-2020-2268
CVE-2020-2268
Description
A cross-site request forgery (CSRF) vulnerability in Jenkins MongoDB Plugin 1.3 and earlier allows attackers to gain access to some metadata of any arbitrary files on the Jenkins controller.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.jenkins-ci.plugins:mongodbMaven | <= 1.3 | — |
Affected products
2- Range: unspecified
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-j6p9-hm3q-hwmjghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-2268ghsaADVISORY
- www.openwall.com/lists/oss-security/2020/09/16/3ghsamailing-listx_refsource_MLISTWEB
- www.jenkins.io/security/advisory/2020-09-16/ghsax_refsource_CONFIRMWEB
News mentions
1- Jenkins Security Advisory 2020-09-16Jenkins Security Advisories · Sep 16, 2020