Multiple cross-site request forgery (CSRF) vulnerabilities in Jenkins prior to 1.514, LTS prior to 1.509.1, and Enterprise 1.466.x prior to 1.466.14.1 and 1.480.x prior to 1.480.4.1 allow remote malicious users to hijack the authentication of administrators for requests that (1) execute arbitrary code or (2) initiate deployment of binaries to a Maven repository via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cloudbees jenkins |
||
cloudbees jenkins 1.466 |
||
cloudbees jenkins 1.480 |
||
cloudbees jenkins 1.509 |