Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:12 a.m.9 views

CVE-2019-1003008

A cross-site request forgery vulnerability exists in Jenkins Warnings Next Generation Plugin 2.1.1 and earlier in src/main/java/io/jenkins/plugins/analysis/warnings/groovy/GroovyParser.java that allows attackers to execute arbitrary code via a form validation HTTP endpoint...

8.8CVSS7.5AI score0.01151EPSS
Exploits0References1
OSV
OSV
added 2019/02/06 4:29 p.m.16 views

CVE-2019-1003008

A cross-site request forgery vulnerability exists in Jenkins Warnings Next Generation Plugin 2.1.1 and earlier in src/main/java/io/jenkins/plugins/analysis/warnings/groovy/GroovyParser.java that allows attackers to execute arbitrary code via a form validation HTTP endpoint...

8.8CVSS7.5AI score
Exploits0References1
Cvelist
Cvelist
added 2019/02/06 4:0 p.m.30 views

CVE-2019-1003008

A cross-site request forgery vulnerability exists in Jenkins Warnings Next Generation Plugin 2.1.1 and earlier in src/main/java/io/jenkins/plugins/analysis/warnings/groovy/GroovyParser.java that allows attackers to execute arbitrary code via a form validation HTTP endpoint...

8.9AI score0.01151EPSS
Exploits0References1
CVE
CVE
added 2019/02/06 4:0 p.m.56 views

CVE-2019-1003008

CVE-2019-1003008 describes a CSRF vulnerability in Jenkins Warnings Next Generation Plugin (versions ≤ 2.1.1) where a form-validation HTTP endpoint used to validate a Groovy script lacked sandbox protection and did not require POST, enabling arbitrary code execution on the Jenkins controller via ...

8.8CVSS8.8AI score0.01151EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder