2 matches found
CVE-2019-10338
The CVE-2019-10338 issue affects Jenkins JX Resources Plugin (versions 1.0.36 and earlier). The root cause is a lack of permission checks in a form-validation method (GlobalPluginConfiguration#doValidateClient), enabling a user with Jenkins access to cause Jenkins to connect to an attacker-specif...
CVE-2019-10338
A cross-site request forgery vulnerability in Jenkins JX Resources Plugin 1.0.36 and earlier in GlobalPluginConfigurationdoValidateClient allowed attackers to have Jenkins connect to an attacker-specified Kubernetes server, potentially leaking credentials...