CVE-2020-15768

An issue was discovered in Gradle Enterprise 2017.3 – 2020.2.4 and Gradle Enterprise Build Cache Node 1.0 – 9.2. Unrestricted HTTP header reflection allows remote attackers to obtain authentication cookies (if an XSS issue exists) via the /info/headers, /cache-info/headers, /admin-info/headers, /distribution-broker-info/headers, or /cache-node-info/headers path.

Source: CVE-2020-15768