CVE-2018-1000014

GHSA-pwvj-6phx-qv8c, CVE-2018-1000014

maven/org.jenkins-ci.plugins/translation

Cross-Site Request Forgery (CSRF)

Jenkins Translation Assistance Plugin 1.15 and earlier does not require form submissions to be submitted via POST, resulting in a CSRF vulnerability allowing attackers to override localized strings displayed to all users on the current Jenkins instance if the victim is a Jenkins administrator.

All versions up to 1.15

Upgrade to version 1.16 or above.

2024-01-31