GHSA-mmrv-3cqg-hpf9, CVE-2019-1003007
maven/org.jvnet.hudson.plugins/warnings
Cross-Site Request Forgery (CSRF)
A cross-site request forgery vulnerability exists in Jenkins Warnings Plugin 5.0.0 and earlier in src/main/java/hudson/plugins/warnings/GroovyParser.java that allows attackers to execute arbitrary code via a form validation HTTP endpoint.
All versions up to 5.0.0
Upgrade to version 5.0.1 or above.
2024-01-31
source |