Jenkins Maven Release Plugin contains Cross-Site Request Forgery vulnerability

A cross-site request forgery vulnerability in Jenkins Maven Release Plugin prior to 0.15.0 in the M2ReleaseActiondoSubmit method allowed attackers to perform releases with attacker-specified options...

CloudBees Jenkins Maven Release Plugin Cross-Site Request Forgery Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Maven Release Plugin is used in one of the...

Cross site request forgery (csrf)

A cross-site request forgery vulnerability in Jenkins Maven Release Plugin 0.14.0 and earlier in the M2ReleaseActiondoSubmit method allowed attackers to perform releases with attacker-specified options...

CVE-2019-10359

A cross-site request forgery vulnerability in Jenkins Maven Release Plugin 0.14.0 and earlier in the M2ReleaseActiondoSubmit method allowed attackers to perform releases with attacker-specified options...

PT-2019-11755 · Jenkins · Jenkins Maven Release Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Maven Release Plugin versions 0.14.0 and earlier Jenkins Maven Release Plugin versions prior to 0.15.0 Description: A cross-site request forgery issue allows attackers to perform releases with attacker-specified options in the...