GHSA-278v-j3cr-jv2x, CVE-2019-1003020
maven/org.jenkins-ci.plugins/kanboard
Server-Side Request Forgery (SSRF)
A server-side request forgery vulnerability exists in Jenkins Kanboard Plugin 1.5.10 and earlier in KanboardGlobalConfiguration.java that allows attackers with Overall/Read permission to submit a GET request to an attacker-specified URL.
All versions up to 1.5.10
Upgrade to version 1.5.11 or above.
2024-01-31
source |