CVE-2020-2321

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2020-2321

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-2321.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2020-2321

Aliases

GHSA-9f37-ggxm-h6wx

Published

2020-12-03T16:15:12.763Z

Modified

2026-03-13T00:35:25.086165Z

Severity

8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H CVSS Calculator

Summary

[none]

Details

A cross-site request forgery (CSRF) vulnerability in Jenkins Shelve Project Plugin 3.0 and earlier allows attackers to shelve, unshelve, or delete a project.

References

Affected packages

Git / github.com/jenkinsci/shelve-project-plugin

Affected ranges

Type

GIT

Repo

https://github.com/jenkinsci/shelve-project-plugin

Events

Introduced

Last affected

a3bfdc73656822a362761c11c51e84dd3d960a12

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.0"
        }
    ]
}

Affected versions

1.*

1.4-release

shelve-project-plugin-1.*

shelve-project-plugin-1.2

shelve-project-plugin-1.3

shelve-project-plugin-1.4.4

shelve-project-plugin-1.5

shelve-project-plugin-2.*

shelve-project-plugin-2.0

shelve-project-plugin-2.1

shelve-project-plugin-2.2

shelve-project-plugin-2.3

shelve-project-plugin-2.4

shelve-project-plugin-2.5

shelve-project-plugin-3.*

shelve-project-plugin-3.0

shelve-project-plugin-3.0-alpha-1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-2321.json"