Cross-Site Request Forgery Vulnerability in Jenkins Config File Provider Plugin
CVE-2018-1000414 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:P
A cross-site request forgery vulnerability exists in Jenkins Config File Provider Plugin 3.1 and earlier in ConfigFilesManagement.java, FolderConfigFileAction.java that allows creating and editing configuration file definitions.
Learn more about our Web Application Penetration Testing UK.