Advisories for Maven/Org.jvnet.hudson.plugins/Sounds package

Jenkins Sounds Plugin does not perform permission checks in URLs performing form validation, allowing attackers with Overall/Read access to execute arbitrary OS commands as the OS user account running Jenkins.

A cross-site request forgery vulnerability in Jenkins Sounds Plugin allows attacker to execute arbitrary OS commands as the OS user account running Jenkins.