CVE-2019-1003008
CVSS v3.0
8.8 (High)
CVSS v2.0
6.8 (Medium)
EPSS
0.10 % (41th)
Affected Products
1
Advisories
2
A cross-site request forgery vulnerability exists in Jenkins Warnings Next Generation Plugin 2.1.1 and earlier in src/main/java/io/jenkins/plugins/analysis/warnings/groovy/GroovyParser.java that allows attackers to execute arbitrary code via a form validation HTTP endpoint.
Weaknesses
- CWE-352
- Cross-Site Request Forgery (CSRF)
- CVE Status
- PUBLISHED
- CNA
- Jenkins Project
- Published Date
-
2019-02-06 16:29:00
(5 years ago) - Updated Date
-
2023-10-25 18:16:01
(10 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...