Description
A missing permission check in Jenkins Tag Profiler Plugin 0.2 and earlier allows attackers with Overall/Read permission to reset profiler statistics.
Remediation
References
https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3083
Related Vulnerabilities
CVE-2021-21666 Vulnerability in maven package org.jenkins-ci.plugins:kiuwanjenkinsplugin
CVE-2023-49397 Vulnerability in maven package com.jfinal:jfinal
CVE-2016-4436 Vulnerability in maven package org.apache.struts:struts2-core
CVE-2018-1000152 Vulnerability in maven package org.jenkins-ci.plugins:vsphere-cloud
CVE-2023-43497 Vulnerability in maven package org.jenkins-ci.main:jenkins-core