CVE-2020-2287
maven/org.jenkins-ci.plugins/audit-trail
Improper Interaction Between Multiple Correctly-Behaving Entities
Jenkins Audit Trail Plugin applies pattern matching to a different representation of request URL paths than the Stapler web framework uses for dispatching requests, which allows attackers to craft URLs that bypass request logging of any target URL.
All versions up to 3.6
Upgrade to version 3.7 or above.
2020-10-22
source |