4 matches found
CVE-2019-10331
A cross-site request forgery vulnerability in Jenkins ElectricFlow Plugin 1.1.5 and earlier in ConfigurationdoTestConnection allowed attackers to connect to an attacker-specified URL using attacker-specified credentials...
CVE-2019-10331
A cross-site request forgery vulnerability in Jenkins ElectricFlow Plugin 1.1.5 and earlier in ConfigurationdoTestConnection allowed attackers to connect to an attacker-specified URL using attacker-specified credentials...
CVE-2019-10331
A cross-site request forgery vulnerability in Jenkins ElectricFlow Plugin 1.1.5 and earlier in ConfigurationdoTestConnection allowed attackers to connect to an attacker-specified URL using attacker-specified credentials...
CVE-2019-10331
CVE-2019-10331 affects Jenkins ElectricFlow Plugin 1.1.5 and earlier. The vulnerability stems from a missing permission check in a form validation method (Configuration#doTestConnection), enabling CSRF to trigger a connection test to an attacker-specified URL using attacker-specified credentials....