A cross-site request forgery vulnerability in Jenkins Audit to Database Plugin in the DbAuditPublisherDescriptorImpl#doTestJdbcConnection form validation method allows attackers to initiate a connection to an attacker-specified server.
CPE | Name | Operator | Version |
---|---|---|---|
org.jenkins-ci.plugins:audit2db | eq | 0.4 | |
org.jenkins-ci.plugins:audit2db | eq | 0.5 |