Description
A cross-site request forgery (CSRF) vulnerability in Jenkins Email Extension Plugin allows attackers to make another user stop watching an attacker-specified job.
Remediation
References
https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3088%20(2)
Related Vulnerabilities
CVE-2023-50768 Vulnerability in maven package org.sonatype.nexus.ci:nexus-jenkins-plugin
CVE-2019-10436 Vulnerability in maven package org.jenkins-ci.plugins:google-oauth-plugin
CVE-2019-1003033 Vulnerability in maven package org.jenkins-ci.plugins:groovy
CVE-2023-49804 Vulnerability in npm package uptime-kuma
CVE-2021-24033 Vulnerability in maven package org.webjars.npm:react-dev-utils