Description
A cross-site request forgery (CSRF) vulnerability in Jenkins 2.329 and earlier, LTS 2.319.1 and earlier allows attackers to trigger build of job without parameters when no security realm is set.
Remediation
References
Related Vulnerabilities
WordPress Plugin Twitter Feed:Embedded Timeline 'url' Parameter Cross-Site Scripting (0.3.1)
RubyGems Cryptographic Issues Vulnerability (CVE-2013-4287)
WordPress Plugin Rezgo Online Booking Cross-Site Scripting (4.1.7)
MySQL CVE-2014-4274 Vulnerability (CVE-2014-4274)
Squid Improper Input Validation Vulnerability (CVE-2016-4555)