2 matches found
GHSA-7G95-JMG9-H524 Jenkins cross-site request forgery (CSRF) vulnerability
Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not require POST requests for the HTTP endpoint toggling collapsed/expanded status of sidepanel widgets e.g., Build Queue and Build Executor Status widgets, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability...
MDVA-2009:218 : kdebase4-workspace
In kde 4.3 of mandriva 2010.0 the possibility to lock/unlock widgets from the panel wasn't activated, this rpms handles this issue. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C Tenable Network...