Description
A cross-site request forgery (CSRF) vulnerability in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers to connect to an attacker-specified URL.
Remediation
References
https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3118
Related Vulnerabilities
CVE-2016-7103 Vulnerability in maven package org.webjars:jquery-ui
CVE-2019-16546 Vulnerability in maven package org.jenkins-ci.plugins:google-compute-engine
CVE-2018-17192 Vulnerability in maven package org.apache.nifi:nifi-jetty-bundle
CVE-2021-36162 Vulnerability in maven package org.apache.dubbo:dubbo-cluster
CVE-2018-1000189 Vulnerability in maven package org.jenkins-ci.plugins:absint-astree