0.001 Low
EPSS
Percentile
26.2%
A cross-site request forgery vulnerability in Jenkins Maven Release Plugin prior to 0.15.0 in the M2ReleaseAction#doSubmit method allowed attackers to perform releases with attacker-specified options.
www.openwall.com/lists/oss-security/2019/07/31/1
github.com/jenkinsci/m2release-plugin
github.com/jenkinsci/m2release-plugin/commit/2f1117d011e1ef200f28bbb0c24bf918b89704b6
jenkins.io/security/advisory/2019-07-31/#SECURITY-1098
nvd.nist.gov/vuln/detail/CVE-2019-10359