Описание
CSRF vulnerability in Jenkins Frugal Testing Plugin
A cross-site request forgery (CSRF) vulnerability in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers to connect to Frugal Testing using attacker-specified credentials, and to retrieve test IDs and names from Frugal Testing, if a valid credential corresponds to the attacker-specified username.
Пакеты
Наименование
io.jenkins.plugins:frugal-testing
maven
Затронутые версииВерсия исправления
<= 1.1
Отсутствует
Связанные уязвимости
CVSS3: 3.5
nvd
больше 2 лет назад
A cross-site request forgery (CSRF) vulnerability in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers to connect to Frugal Testing using attacker-specified credentials, and to retrieve test IDs and names from Frugal Testing, if a valid credential corresponds to the attacker-specified username.