Vulnerabilities > Jenkins > Database > 1.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-01 | CVE-2020-2242 | Missing Authorization vulnerability in Jenkins Database A missing permission check in Jenkins database Plugin 1.6 and earlier allows attackers with Overall/Read access to Jenkins to connect to an attacker-specified database server using attacker-specified credentials. | 6.5 |
| 2020-09-01 | CVE-2020-2241 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Database A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to connect to an attacker-specified database server using attacker-specified credentials. | 8.8 |
| 2020-09-01 | CVE-2020-2240 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Database A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to execute arbitrary SQL scripts. | 8.8 |