PT-2019-11773 · Jenkins · Jenkins Avatar Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Avatar Plugin versions 1.2 and earlier Description: A missing permission check in the plugin allows attackers with Overall/Read access to change the avatar of any user of Jenkins. Recommendations: For Jenkins Avatar Plugin versions 1....