Vulnerabilities > Jenkins > Role Based Authorization Strategy > High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-10-08	CVE-2020-2286	Unspecified vulnerability in Jenkins Role-Based Authorization Strategy Jenkins Role-based Authorization Strategy Plugin 3.0 and earlier does not properly invalidate a permission cache when the configuration is changed, resulting in permissions being granted based on an outdated configuration. network low complexity jenkins	8.8
2017-10-05	CVE-2017-1000090	Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Role-Based Authorization Strategy Role-based Authorization Strategy Plugin was not requiring requests to its API be sent via POST, thereby opening itself to Cross-Site Request Forgery attacks. network low complexity jenkins CWE-352	8.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.