Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A cross-site request forgery (CSRF) vulnerability in Jenkins dbCharts Plugin 0.5.2 and earlier allows attackers to connect to an attacker-specified database via JDBC using attacker-specified credentials and to determine if a class is available in the Jenkins instance.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Jenkins 插件跨站请求伪造漏洞
Vulnerability Description
Jenkins 插件是为Jenkins提供相应功能得插件。 Jenkins Plugin dbCharts 中存在跨站请求伪造漏洞,该漏洞源于产品未判断请求来源于可信用户。攻击者可通过该漏洞使用指定的凭据通过JDBC连接到攻击者可利用该漏洞指定的数据库,并确定一个类在Jenkins实例中是否可用。 以下产品及版本受到影响:Jenkins Plugin dbCharts 0.5.2 版本及之前版本。
CVSS Information
N/A
Vulnerability Type
N/A