PT-2017-10937 · Jenkins · Jenkins Favorite Plugin+1

Andres Rodriguez

·

Published

2017-11-01

·

Updated

2022-05-14

·

CVE-2017-1000244

CVSS v3.1

8.8

High

VectorAV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Jenkins Favorite Plugin versions 2.2.0 and older
Description The issue allows for CSRF, resulting in data modification.
Recommendations For Jenkins Favorite Plugin versions 2.2.0 and older, update to a version newer than 2.2.0 to resolve the issue.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2017-1000244
GHSA-JQWH-JRPG-5J3H

Affected Products

Jenkins
Jenkins Favorite Plugin