Jenkins vRealize Orchestrator Plugin跨站请求伪造漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. jenkins Plugin is an application. jenkins vRealize Orchestrator Plugin 3.0 and earlier versions have a cross-site request forgery vulnerability that stems from the plugin’s failure to perform permission checks in the HTTP endpoint. An attacker could use this vulnerability to send HTTP POST requests to enable cross-site request forgery attacks.