Cross-Site Request Forgery Vulnerability in Jenkins Maven Release Plugin 0.16.1 and Earlier

Cross-Site Request Forgery Vulnerability in Jenkins Maven Release Plugin 0.16.1 and Earlier

CVE-2019-16550 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

A cross-site request forgery vulnerability in a connection test form method in Jenkins Maven Release Plugin 0.16.1 and earlier allows attackers to have Jenkins connect to an attacker specified web server and parse XML documents.

Learn more about our Web App Pen Testing.