Advisories for Maven/Org.zeroturnaround/Cluster-Stats package

2022

Missing Authorization

A missing permission check in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics.

Cross-Site Request Forgery (CSRF)

A cross-site request forgery (CSRF) vulnerability in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics.