CVE 2020-2197
Jenkins Project Inheritance Plugin 19.08.02 and earlier does not require users to have Job/ExtendedRead permission to access Inheritance Project job configurations in XML format.
See the
CVE page on Mitre.org
for more details.