CVE-2020-2281

GHSA-rvww-w62m-hch8, CVE-2020-2281

maven/org.6wind.jenkins/lockable-resources

Cross-Site Request Forgery (CSRF)

A cross-site request forgery (CSRF) vulnerability in Jenkins Lockable Resources Plugin 2.8 and earlier allows attackers to reserve, unreserve, unlock, and reset resources.

All versions before 2.9

Upgrade to version 2.9 or above.

2023-01-16