Описание
A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver.
Ссылки
- Mailing ListThird Party Advisory
- Vendor Advisory
- Mailing ListThird Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1172.v35f6a_0b_8207e (исключая)
cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*
EPSS
Процентиль: 16%
0.0005
Низкий
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 4.3
redhat
больше 3 лет назад
A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver.
CVSS3: 4.3
github
больше 3 лет назад
CSRF vulnerability in Jenkins Script Security Plugin
EPSS
Процентиль: 16%
0.0005
Низкий
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-352