GHSA-xjch-wqmw-fgcp, CVE-2019-10388
maven/org.jenkins-ci.plugins/relution-publisher
Cross-Site Request Forgery (CSRF)
A cross-site request forgery vulnerability in Jenkins Relution Enterprise Appstore Publisher Plugin 1.24 and earlier allows attackers to have Jenkins initiate an HTTP connection to an attacker-specified server.
All versions up to 1.24
Unfortunately, there is no solution available yet.
2023-02-03
source |