Description
A improper authorization vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in UpdateCenter.java that allows attackers to cancel a Jenkins restart scheduled through the update center.
Remediation
References
Related Vulnerabilities
WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Scripting (1.9.5)
Chamilo Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-27426)
WordPress Plugin Frontend File Manager Arbitrary File Upload (3.3)
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20411)
MediaWiki Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-36125)