Missing permission checks in Jenkins PaaSLane Estimate Plugin 1.0.4 and previous versions allow attackers with Overall/Read permission to connect to an attacker-specified URL using an attacker-specified token.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jenkins paaslane estimate |