Description
A cross-site request forgery (CSRF) vulnerability in Jenkins MongoDB Plugin 1.3 and earlier allows attackers to gain access to some metadata of any arbitrary files on the Jenkins controller.
Remediation
References
http://www.openwall.com/lists/oss-security/2020/09/16/3
https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1904
Related Vulnerabilities
CVE-2022-31172 Vulnerability in maven package org.webjars.npm:openzeppelin__contracts
CVE-2020-17531 Vulnerability in maven package org.apache.tapestry:tapestry-core
CVE-2023-33246 Vulnerability in maven package org.apache.rocketmq:rocketmq-broker
CVE-2019-10745 Vulnerability in npm package assign-deep
CVE-2023-3691 Vulnerability in maven package org.webjars:layui