Description
A cross-site request forgery (CSRF) vulnerability in Jenkins MongoDB Plugin 1.3 and earlier allows attackers to gain access to some metadata of any arbitrary files on the Jenkins controller.
Remediation
References
http://www.openwall.com/lists/oss-security/2020/09/16/3
https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1904
Related Vulnerabilities
CVE-2023-40340 Vulnerability in maven package org.jenkins-ci.plugins:nodejs
CVE-2019-16728 Vulnerability in maven package org.webjars.npm:dompurify
CVE-2019-19771 Vulnerability in npm package ecuvre
CVE-2021-32796 Vulnerability in npm package xmldom
CVE-2023-34189 Vulnerability in maven package org.apache.inlong:manager-web