Unauthenticated Project Triggering Vulnerability in Parameterized Trigger Plugin

Unauthenticated Project Triggering Vulnerability in Parameterized Trigger Plugin

CVE-2017-1000084 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

Parameterized Trigger Plugin fails to check Item/Build permission: The Parameterized Trigger Plugin did not check the build authentication it was running as and allowed triggering any other project in Jenkins.

Learn more about our Web Application Penetration Testing UK.