A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.27.5 and previous versions allows malicious users to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jenkins blue ocean |