24 matches found
Cross site request forgery (csrf)
A cross-site request forgery vulnerability in Jenkins CVS Plugin 2.15 and earlier allows attackers to create and manipulate tags, and to connect to an attacker-specified URL...
CVE-2020-2184
CVE-2020-2184 describes a CSRF vulnerability in Jenkins CVS Plugin (versions 2.15 and earlier). The issue arises because several HTTP endpoints do not require POST, allowing an attacker to trigger unauthorized actions such as creating/manipulating tags and connecting to an attacker-specified URL....
CVE-2020-2184
A cross-site request forgery vulnerability in Jenkins CVS Plugin 2.15 and earlier allows attackers to create and manipulate tags, and to connect to an attacker-specified URL...
PT-2020-15397 · Jenkins · Jenkins Cas Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins CVS Plugin versions 2.15 and earlier Description: A cross-site request forgery issue allows attackers to create and manipulate tags, and to connect to an attacker-specified URL, by exploiting HTTP endpoints that do not require POST...