CVE-2026-9674

A cross-site request forgery CSRF vulnerability in Jenkins Multijob Plugin 662.vd2e0001f6bbd and earlier allows attackers to resume failed Multijob builds...

Cross-site Request Forgery (CSRF)

Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF due to not requiring POST requests for an HTTP endpoint. This vulnerability allows attackers to resume failed Multijob builds. Remediation Upgrade org.jenkins-ci.plugins:jenkins-multijob-plugin to version...

CVE-2026-9674

A cross-site request forgery CSRF vulnerability in Jenkins Multijob Plugin 662.vd2e0001f6bbd and earlier allows attackers to resume failed Multijob builds...

CVE-2026-9674

CVE-2026-9674 is a CSRF vulnerability in Jenkins Multijob Plugin (versions including 662.vd2e0001f6b_b_d and earlier) that allows an attacker to resume failed Multijob builds. The NVD/NVD-derived data attributes a CVSS v3.1 base score of 4.3 (Medium) with network attack vector, low attack complex...

CVE-2026-9674

A cross-site request forgery CSRF vulnerability in Jenkins Multijob Plugin 662.vd2e0001f6bbd and earlier allows attackers to resume failed Multijob builds...

EUVD-2026-32519

A cross-site request forgery CSRF vulnerability in Jenkins Multijob Plugin 662.vd2e0001f6bbd and earlier allows attackers to resume failed Multijob builds...

CVE-2026-9674

A cross-site request forgery CSRF vulnerability in Jenkins Multijob Plugin 662.vd2e0001f6bbd and earlier allows attackers to resume failed Multijob builds...

CVE-2026-9674

A cross-site request forgery CSRF vulnerability in Jenkins Multijob Plugin 662.vd2e0001f6bbd and earlier allows attackers to resume failed Multijob builds...

CVE-2026-9674

A cross-site request forgery CSRF vulnerability in Jenkins Multijob Plugin 662.vd2e0001f6bbd and earlier allows attackers to resume failed Multijob builds...

Jenkins Multijob Plugin 安全漏洞

Jenkins Multijob Plugin is an open-source plugin for Jenkins that manages multi-task builds. The Jenkins Multijob Plugin 662.vd2e0001f6bbd and earlier versions have security vulnerabilities. These vulnerabilities stem from cross-site request forgery attacks, which may allow attackers to restore...

PT-2026-44033

A cross-site request forgery CSRF vulnerability in Jenkins Multijob Plugin 662.vd2e0001f6b b d and earlier allows attackers to resume failed Multijob builds...

SUSE CVE-2017-1000390

Jenkins Multijob plugin version 1.25 and earlier did not check permissions in the Resume Build action, allowing anyone with Job/Read permission to resume the build...

GHSA-P9R2-GGHQ-HC57 Jenkins Multijob plugin did not check permissions in the Resume Build action

Jenkins Multijob plugin version 1.25 and earlier did not check permissions in the Resume Build action, allowing anyone with Job/Read permission to resume the build. Multijob plugin 1.26 introduced a permission check requiring Overall/Administer. This was lowered to Job/Build in version 1.27...

Jenkins Multijob plugin did not check permissions in the Resume Build action

Jenkins Multijob plugin version 1.25 and earlier did not check permissions in the Resume Build action, allowing anyone with Job/Read permission to resume the build. Multijob plugin 1.26 introduced a permission check requiring Overall/Administer. This was lowered to Job/Build in version 1.27...

org.jenkins-ci.plugins:vectorcast-execution (>=0.16 <=0.61), org.zeroturnaround.jenkins:build-flow-test-aggregator (>=1.1 <=1.2) potentially affected by CVE-2017-1000390 via org.jenkins-ci.plugins:jenkins-multijob-plugin (>=1.16 <=1.21)

org.jenkins-ci.plugins:jenkins-multijob-plugin MAVEN version =1.16, =0.16, =1.1, =1.2 Source cves: CVE-2017-1000390 Source advisory: OSV:GHSA-P9R2-GGHQ-HC57...

CloudBees Jenkins Multijob plugin security bypass vulnerability

CloudBees Jenkins is a Java-based continuous integration tool from CloudBees, Inc. that is used to monitor ongoing software releases/testing projects and timed tasks.Multijob is used as one of the options for defining complex and hierarchical job structures in Jenkins. A security bypass...

CVE-2017-1000390

Jenkins Multijob plugin version 1.25 and earlier did not check permissions in the Resume Build action, allowing anyone with Job/Read permission to resume the build...

Code injection

Jenkins Multijob plugin version 1.25 and earlier did not check permissions in the Resume Build action, allowing anyone with Job/Read permission to resume the build...

CVE-2017-1000390

Jenkins Multijob plugin version 1.25 and earlier did not check permissions in the Resume Build action, allowing anyone with Job/Read permission to resume the build...

CVE-2017-1000390

Jenkins Multijob plugin version 1.25 and earlier did not check permissions in the Resume Build action, allowing anyone with Job/Read permission to resume the build...