Description
A cross-site request forgery (CSRF) vulnerability in Jenkins promoted builds Plugin 3.9 and earlier allows attackers to to promote builds.
Remediation
References
http://www.openwall.com/lists/oss-security/2021/04/07/2
https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-2293
Related Vulnerabilities
CVE-2021-42010 Vulnerability in maven package org.apache.heron:heron-api
CVE-2019-9737 Vulnerability in maven package org.webjars.bowergithub.pandao:editor.md
CVE-2021-23518 Vulnerability in npm package cached-path-relative
CVE-2019-1003061 Vulnerability in maven package org.jenkins-ci.plugins:jenkins-cloudformation-plugin
CVE-2020-15500 Vulnerability in maven package org.webjars.npm:tileserver-gl