Description
A cross-site request forgery vulnerability in Jenkins CVS Plugin 2.15 and earlier allows attackers to create and manipulate tags, and to connect to an attacker-specified URL.
Remediation
References
http://www.openwall.com/lists/oss-security/2020/05/06/3
https://jenkins.io/security/advisory/2020-05-06/#SECURITY-1094
Related Vulnerabilities
CVE-2021-3503 Vulnerability in maven package org.wildfly:wildfly-metrics
CVE-2022-21222 Vulnerability in npm package css-what
CVE-2021-43090 Vulnerability in maven package com.predic8:soa-model-core
CVE-2022-45935 Vulnerability in maven package org.apache.james:apache-mailet-standard
CVE-2010-5312 Vulnerability in maven package org.fujion.webjars:jquery-ui