CSRF Vulnerability in Jenkins Selenium Plugin 3.141.59 and Earlier
CVE-2020-2196 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Jenkins Selenium Plugin 3.141.59 and earlier has no CSRF protection for its HTTP endpoints, allowing attackers to perform all administrative actions provided by the plugin.
Learn more about our Web Application Penetration Testing UK.