Advisories for Maven/Com.barchart.jenkins/Maven-Release-Cascade package

Jenkins Maven Cascade Release Plugin does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to start cascade builds and layout builds, and reconfigure the plugin.

A cross-site request forgery (CSRF) vulnerability in Jenkins Maven Cascade Release Plugin allows attackers to start cascade builds and layout builds, and reconfigure the plugin.