Описание
Jenkins TraceTronic ECU-TEST Plugin server-side request forgery vulnerability
A server-side request forgery vulnerability exists in Jenkins TraceTronic ECU-TEST Plugin 2.3 and earlier in ATXPublisher.java that allows attackers to have Jenkins send HTTP requests to an attacker-specified host.
Пакеты
Наименование
de.tracetronic.jenkins.plugins:ecutest
maven
Затронутые версииВерсия исправления
<= 2.3
2.4
Связанные уязвимости
CVSS3: 6.5
nvd
больше 7 лет назад
A server-side request forgery vulnerability exists in Jenkins TraceTronic ECU-TEST Plugin 2.3 and earlier in ATXPublisher.java that allows attackers to have Jenkins send HTTP requests to an attacker-specified host.