CVE-2019-10359
CVE-2019-10359 affects Jenkins Maven Release Plugin (versions 0.14.0 and earlier). The root cause is a cross-site request forgery in the M2ReleaseAction#doSubmit method, enabling attackers to perform releases with attacker-specified options. The vulnerability is documented across multiple sources...