Jenkins Favorite Plugin vulnerable to Cross-Site Request Forgery
High severity
GitHub Reviewed
Published
May 14, 2022
to the GitHub Advisory Database
•
Updated Feb 2, 2023
Description
Published by the National Vulnerability Database
Nov 1, 2017
Published to the GitHub Advisory Database
May 14, 2022
Reviewed
Nov 22, 2022
Last updated
Feb 2, 2023
Jenkins Favorite Plugin version 2.2.0 and older is vulnerable to CSRF resulting in data modification.
References