CVE-2021-21620

MEDIUM

Jenkins Claim Plugin < 2.18.1 - Cross-Site Request Forgery

Title source: llm

A cross-site request forgery (CSRF) vulnerability in Jenkins Claim Plugin 2.18.1 and earlier allows attackers to change claims.

Core 1

Core References

Vendor Advisory x_refsource_confirm

CVSS v3 4.3

EPSS 0.0025

EPSS Percentile 48.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

CWE

CWE-352

Status published

Products (2)

jenkins/claim < 2.18.1

org.jenkins-ci.plugins/claim 0 - 2.18.2Maven

Published Feb 24, 2021

Tracked Since Feb 18, 2026