CVE-2017-1000084: Incorrect Default Permissions
(updated )
Parameterized Trigger Plugin fails to check Item/Build permission: The Parameterized Trigger Plugin does not check the build authentication it was running as and allowed triggering any other project in Jenkins.
References
Code Behaviors & Features
Detect and mitigate CVE-2017-1000084 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →