Description
A cross-site request forgery vulnerability in Jenkins VMware Lab Manager Slaves Plugin in the LabManager.DescriptorImpl#doTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server.
Remediation
References
http://www.securityfocus.com/bid/107790
https://jenkins.io/security/advisory/2019-04-03/#SECURITY-979
Related Vulnerabilities
CVE-2016-10542 Vulnerability in maven package org.webjars.npm:ws
CVE-2021-41084 Vulnerability in maven package org.http4s:http4s-server_3
CVE-2022-23505 Vulnerability in npm package passport-wsfed-saml2
CVE-2019-15608 Vulnerability in maven package org.webjars.npm:yarn
CVE-2016-10744 Vulnerability in maven package org.webjars:select2