Description
A missing permission check in Jenkins Tag Profiler Plugin 0.2 and earlier allows attackers with Overall/Read permission to reset profiler statistics.
Remediation
References
https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3083
Related Vulnerabilities
CVE-2019-12421 Vulnerability in maven package org.apache.nifi:nifi-web-api
CVE-2016-3087 Vulnerability in maven package org.apache.struts:struts2-core
CVE-2023-27479 Vulnerability in maven package org.xwiki.platform:xwiki-platform-panels-ui
CVE-2018-1999026 Vulnerability in maven package de.tracetronic.jenkins.plugins:ecutest
CVE-2017-7661 Vulnerability in maven package org.apache.cxf.fediz:fediz-jetty9