A server-side request forgery vulnerability exists in Jenkins Confluence Publisher Plugin 2.0.1 and previous versions in ConfluenceSite.java that allows malicious users to have Jenkins submit login requests to an attacker-specified Confluence server URL with attacker specified credentials.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jenkins confluence publisher |