CVE-2019-1003020
Server-Side Request Forgery (SSRF) in maven/org.jenkins-ci.plugins/kanboard
Identifiers
GHSA-278v-j3cr-jv2x, CVE-2019-1003020
Package Slug
maven/org.jenkins-ci.plugins/kanboard
Vulnerability
Server-Side Request Forgery (SSRF)
Description
A server-side request forgery vulnerability exists in Jenkins Kanboard Plugin 1.5.10 and earlier in KanboardGlobalConfiguration.java that allows attackers with Overall/Read permission to submit a GET request to an attacker-specified URL.
Affected Versions
All versions up to 1.5.10
Solution
Upgrade to version 1.5.11 or above.
Last Modified
2024-01-31
| source |