3 matches found
CVE-2021-21675
A cross-site request forgery CSRF vulnerability in Jenkins requests-plugin Plugin 2.2.12 and earlier allows attackers to create requests and/or have administrators apply pending requests...
CVE-2021-21675
A cross-site request forgery CSRF vulnerability in Jenkins requests-plugin Plugin 2.2.12 and earlier allows attackers to create requests and/or have administrators apply pending requests...
CVE-2021-21675
Summary: CVE-2021-21675 is a CSRF vulnerability in Jenkins’ requests-plugin that affects versions 2.2.12 and earlier. The flaw arises because certain HTTP endpoints did not require POST, allowing attackers to craft requests or cause administrators to apply pending requests (e.g., renaming or dele...