A cross-site request forgery vulnerability in Jenkins Fortify on Demand Plugin 5.0.1 and earlier allows attackers to connect to the globally configured Fortify on Demand endpoint using attacker-specified credentials IDs.
CPE | Name | Operator | Version |
---|---|---|---|
fortify_on_demand | le | 5.0.1 |