0.001 Low
EPSS
Percentile
21.7%
favorite plugin is vulnerable to unauthorized changes. The users can easily set other user’s favorite status since it fails to validate the authorization of a user to writes other user’s favorite status.
www.securityfocus.com/bid/101946
github.com/jenkinsci/favorite-plugin/commit/b6359532fe085d9ea6b7894e997e797806480777
jenkins.io/security/advisory/2017-06-06/