First published: Wed Sep 25 2019(Updated: )
A cross-site request forgery vulnerability in Jenkins Project Inheritance Plugin 2.0.0 and earlier allowed attackers to trigger project generation from templates.
Credit: jenkinsci-cert@googlegroups.com jenkinsci-cert@googlegroups.com
Affected Software | Affected Version | How to fix |
---|---|---|
Jenkins Project Inheritance | <=19.08.01 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-10408 is a cross-site request forgery vulnerability in Jenkins Project Inheritance Plugin 2.0.0 and earlier.
Attackers can exploit CVE-2019-10408 by triggering project generation from templates.
CVE-2019-10408 has a severity score of 4.3, which is considered medium.
Jenkins Project Inheritance Plugin versions up to and including 2.0.0 are affected by CVE-2019-10408.
To fix CVE-2019-10408, upgrade Jenkins Project Inheritance Plugin to version 19.08.01 or later.