Описание
Cross-site request forgery (CSRF) vulnerability in Jenkins before 1.640 and LTS before 1.625.2 allows remote attackers to hijack the authentication of administrators for requests that have unspecified impact via vectors related to the HTTP GET method.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 1.641, 1.625.3 |
| vivid | DNE | |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
Cross-site request forgery (CSRF) vulnerability in Jenkins before 1.640 and LTS before 1.625.2 allows remote attackers to hijack the authentication of administrators for requests that have unspecified impact via vectors related to the HTTP GET method.
Cross-site request forgery (CSRF) vulnerability in Jenkins before 1.640 and LTS before 1.625.2 allows remote attackers to hijack the authentication of administrators for requests that have unspecified impact via vectors related to the HTTP GET method.
Cross-site request forgery (CSRF) vulnerability in Jenkins before 1.64 ...
Jenkins Vulnerable to Cross-Site Request Forgery (CSRF) Attack
6.8 Medium
CVSS2
8.8 High
CVSS3