CVE-2019-10289

Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 04/04/2019 Updated: 25/10/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

A cross-site request forgery vulnerability in Jenkins Netsparker Cloud Scan Plugin 1.1.5 and older in the NCScanBuilder.DescriptorImpl#doValidateAPI form validation method allowed malicious users to initiate a connection to an attacker-specified server.

Vulnerable Product	Search on Vulmon	Subscribe to Product
jenkins netsparker cloud scan

CVE-2019-1003051 CVE-2019-1003052 CVE-2019-1003054 CVE-2019-1003053 CVE-2019-1003055 CVE-2019-1003056 CVE-2019-1003057 CVE-2019-1003058 (CSRF) and CVE-2019-1003059 (permission check) CVE-2019-1003060 CVE-2019-1003061 CVE-2019-1003062 CVE-2019-1003063 CVE-2019-1003064 CVE-2019-1003065 CVE-2019-1003066 CVE ...

CWE-352 https://jenkins.io/security/advisory/2019-04-03/#SECURITY-1032 http://www.securityfocus.com/bid/107790 http://www.openwall.com/lists/oss-security/2019/04/12/2 https://nvd.nist.gov http://seclists.org/oss-sec/2019/q2/22

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-10289

Vulnerability Summary

Vulnerability Trend

Mailing Lists

References

Vulmon Search

About

Products

Connect