CVE-2019-10308

2019-04-30T13:29:00
ID CVE-2019-10308
Type cve
Reporter cve@mitre.org
Modified 2019-05-06T12:29:00

Description

A missing permission check in Jenkins Static Analysis Utilities Plugin 1.95 and earlier in the DefaultGraphConfigurationView#doSave form handler method allowed attackers with Overall/Read permission to change the per-job default graph configuration for all users.