CVE-2018-1999038
The CVE-2018-1999038 case concerns Jenkins Publisher Over CIFS Plugin (versions ≤0.10). The vulnerability arises from CifsPublisherPluginDescriptor.java, enabling a confused deputy: an attacker can cause Jenkins to connect to a CIFS server of the attacker’s choosing using the attacker’s credentia...