CSRF Vulnerability in Jenkins Translation Assistance Plugin Allows Unauthorized String Overrides
CVE-2018-1000014 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
Jenkins Translation Assistance Plugin 1.15 and earlier did not require form submissions to be submitted via POST, resulting in a CSRF vulnerability allowing attackers to override localized strings displayed to all users on the current Jenkins instance if the victim is a Jenkins administrator.
Learn more about our User Device Pen Test.