PT-2021-14663 · Jenkins · Jenkins Claim Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Claim Plugin versions 2.18.1 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to change claims. This issue arises because the form submission endpoint for assigning claims does not require POST...