CVE-2020-2281

Cross-Site Request Forgery (CSRF) in maven/org.6wind.jenkins/lockable-resources

Identifiers

GHSA-rvww-w62m-hch8, CVE-2020-2281

Package Slug

maven/org.6wind.jenkins/lockable-resources

Vulnerability

Cross-Site Request Forgery (CSRF)

Description

A cross-site request forgery (CSRF) vulnerability in Jenkins Lockable Resources Plugin 2.8 and earlier allows attackers to reserve, unreserve, unlock, and reset resources.

Affected Versions

All versions before 2.9

Solution

Upgrade to version 2.9 or above.

Last Modified

2023-01-15

source