CVE-2019-1003059

Missing Authorization in maven/org.jvnet.hudson.plugins/ftppublisher

Identifiers

GHSA-rcrv-6r7r-rr7m, CVE-2019-1003059

Package Slug

maven/org.jvnet.hudson.plugins/ftppublisher

Vulnerability

Missing Authorization

Description

A missing permission check in Jenkins FTP publisher Plugin in the FTPPublisher.DescriptorImpl#doLoginCheck method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server.

Affected Versions

All versions up to 1.2

Solution

Unfortunately, there is no solution available yet.

Last Modified

2024-01-31

source