0.001 Low
EPSS
Percentile
33.2%
Jenkins release plugin is vulnerable to cross-site request forgery (CSRF) attacks. These attacks are possible because the POST requests used to trigger builds do not require a form submission.
github.com/jenkinsci/release-plugin/commit/fe1660a5ebff2377b6a64214c6012e8615b3f81f
jenkins.io/security/advisory/2018-01-22/