Vulnerabilities > Jenkins > Lockable Resources > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-09-23 | CVE-2020-2281 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Lockable Resources A cross-site request forgery (CSRF) vulnerability in Jenkins Lockable Resources Plugin 2.8 and earlier allows attackers to reserve, unreserve, unlock, and reset resources. | 5.4 |
2019-03-28 | CVE-2019-1003042 | Cross-site Scripting vulnerability in Jenkins Lockable Resources A cross site scripting vulnerability in Jenkins Lockable Resources Plugin 2.4 and earlier allows attackers able to control resource names to inject arbitrary JavaScript in web pages rendered by the plugin. | 5.4 |