Описание
Cross-Site Request Forgery in Jenkins Gerrit Trigger Plugin
A cross-site request forgery vulnerability in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials.
Пакеты
Наименование
com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger
maven
Затронутые версииВерсия исправления
< 2.30.2
2.30.2
Связанные уязвимости
CVSS3: 8.8
nvd
около 6 лет назад
A cross-site request forgery vulnerability in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials.