Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CloudBees Jenkins Mailer Plugin 跨站请求伪造漏洞
Vulnerability Description
CloudBees Jenkins(前称Hudson Labs)是美国CloudBees公司的一套基于Java开发的持续集成工具,该工具主要用于监控秩序重复的工作。Mailer Plugin是使用在其中的一个电子邮件插件。 CloudBees Jenkins 2.111版本中的Mailer Plugin 1.20版本存在跨站请求伪造漏洞。远程攻击者可通过发送/descriptorByName/hudson.tasks.Mailer/sendTestMail请求利用该漏洞以任意用户身份发送未授权的邮件。
CVSS Information
N/A
Vulnerability Type
N/A