Описание
Cross-Site Request Forgery in Jenkins XPath Configuration Viewer Plugin
A cross-site request forgery (CSRF) vulnerability in Jenkins XPath Configuration Viewer Plugin 1.1.1 and earlier allows attackers to create and delete XPath expressions.
Пакеты
Наименование
org.jenkins-ci.plugins:xpath-config-viewer
maven
Затронутые версииВерсия исправления
<= 1.1.1
Отсутствует
Связанные уязвимости
CVSS3: 4.3
nvd
больше 3 лет назад
A cross-site request forgery (CSRF) vulnerability in Jenkins XPath Configuration Viewer Plugin 1.1.1 and earlier allows attackers to create and delete XPath expressions.