CSRF vulnerability in Jenkins Flaky Test Handler Plugin

Flaky Test Handler Plugin 1.0.4 and earlier does not require POST requests for the "Deflake this build" feature, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to rebuild a project at a previous git revision where the tests were failing...

The vulnerability of the “Deflake this build” function in the Jenkins Flaky Test Handler Plugin allows a perpetrator to perform cross-site fraudulently.

The vulnerability of the “Deflake this build” function in the Jenkins Flaky Test Handler Plugin is related to the lack of protection against Cross-Site Request Forgery CSRF attacks. Exploiting this vulnerability allows a malicious actor to perform CSRF attacks remotely...

PT-2020-5832 · Jenkins · Jenkins Flaky Test Handler Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Flaky Test Handler Plugin versions 1.0.4 and earlier Description: The issue is related to a cross-site request forgery CSRF vulnerability in the "Deflake this build" feature of the Jenkins Flaky Test Handler Plugin. This vulnerability...