Описание
External Monitor Job Type Plugin does not require POST requests for an HTTP endpoint
Jenkins External Monitor Job Type Plugin 191.v363d0d1efdf8 and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery (CSRF) vulnerability.
This vulnerability allows attackers to create runs of an external job.
External Monitor Job Type Plugin 192.ve979ca_8b_3ccd requires POST requests for the affected HTTP endpoint.
Пакеты
org.jenkins-ci.plugins:external-monitor-job
<= 191.v363d0d1efdf8
192.ve979ca_8b_3ccd
Связанные уязвимости
A cross-site request forgery (CSRF) vulnerability in Jenkins External Monitor Job Type Plugin 191.v363d0d1efdf8 and earlier allows attackers to create runs of an external job.
Уязвимость плагина Jenkins External Monitor Job Type Plugin, связанная с подделкой межсайтовых запросов, позволяющая нарушителю осуществить CSRF-атаку