CVE-2019-1003012
Summary: A data modification vulnerability in Jenkins Blue Ocean Plugin (versions 1.10.1 and earlier) allows bypassing all CSRF protections in the Blue Ocean API. Affected components (as cited): blueocean-core-js bundleStartup.js; fetch.ts; i18n.js; urlconfig.js; blueocean-rest/APICrumbExclusion....