Description

Jenkins before 1.640 and LTS before 1.625.2 allow remote attackers to bypass the CSRF protection mechanism via unspecified vectors.

Remediation

References

CVE-2015-7538

Related Vulnerabilities

IBM RTC Files or Directories Accessible to External Parties Vulnerability (CVE-2017-1602)

GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-22868)

Oracle Application Server Other Vulnerability (CVE-2002-2153)

WordPress Plugin RSS Aggregator by Feedzy-Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator Server-Side Request Forgery (4.4.7)

PHP NULL Pointer Dereference Vulnerability (CVE-2016-7130)

Severity

High

Classification

CVE-2015-7538 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities