CVE-2019-10377

2019-08-07T15:15:00
ID CVE-2019-10377
Type cve
Reporter cve@mitre.org
Modified 2020-10-01T16:33:00

Description

A missing permission check in Jenkins Avatar Plugin 1.2 and earlier allows attackers with Overall/Read access to change the avatar of any user of Jenkins.