Описание
Cross-site request forgery vulnerability in Jenkins HTMLResource Plugin
A cross-site request forgery (CSRF) vulnerability in Jenkins HTMLResource Plugin 1.02 and earlier allows attackers to delete arbitrary files on the Jenkins controller file system.
Пакеты
Наименование
org.jenkins-ci.plugins:htmlresource
maven
Затронутые версииВерсия исправления
<= 1.02
Отсутствует
Связанные уязвимости
CVSS3: 8.1
nvd
около 2 лет назад
A cross-site request forgery (CSRF) vulnerability in Jenkins HTMLResource Plugin 1.02 and earlier allows attackers to delete arbitrary files on the Jenkins controller file system.