3 matches found
CVE-2018-1000188
A server-side request forgery vulnerability exists in Jenkins CAS Plugin 1.4.1 and older in CasSecurityRealm.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL...
CVE-2018-1000188
A server-side request forgery vulnerability exists in Jenkins CAS Plugin 1.4.1 and older in CasSecurityRealm.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL...
CVE-2018-1000188
The vulnerability CVE-2018-1000188 affects Jenkins CAS Plugin (versions 1.4.1 and older) and its CasSecurityRealm.java, enabling a server-side request forgery (SSRF) where an attacker with Overall/Read access can cause Jenkins to send a GET request to an arbitrary URL. The issue is documented acr...