CVE-2019-1003078

Cross-Site Request Forgery (CSRF) in maven/org.jenkins-ci.plugins/labmanager

Identifiers

GHSA-6j5j-w6v4-rwqr, CVE-2019-1003078

Package Slug

maven/org.jenkins-ci.plugins/labmanager

Vulnerability

Cross-Site Request Forgery (CSRF)

Description

A cross-site request forgery vulnerability in Jenkins VMware Lab Manager Slaves Plugin in the LabManager.DescriptorImpl#doTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server.

Affected Versions

All versions up to 0.2.8

Solution

Unfortunately, there is no solution available yet.

Last Modified

2024-01-31

source