CVE-2019-10305

2019-04-18T17:29:00
ID CVE-2019-10305
Type cve
Reporter cve@mitre.org
Modified 2019-04-24T18:21:00

Description

A missing permission check in Jenkins XebiaLabs XL Deploy Plugin in the Credential#doValidateUserNamePassword form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server.