2 matches found
CVE-2019-10368
A cross-site request forgery vulnerability in Jenkins JClouds Plugin 2.14 and earlier in BlobStoreProfile.DescriptorImpldoTestConnection and JCloudsCloud.DescriptorImpldoTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified...
CVE-2019-10368
The CVE-2019-10368 vulnerability affects the Jenkins JClouds Plugin (versions 2.14 and earlier). A cross-site request forgery exists in the form validation paths BlobStoreProfile.DescriptorImpl#doTestConnection and JCloudsCloud.DescriptorImpl#doTestConnection, where an attacker with Overall/Read ...