Description
A server-side request forgery vulnerability exists in Jenkins URLTrigger Plugin 0.41 and earlier in URLTrigger.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL.
Remediation
References
https://jenkins.io/security/advisory/2018-06-25/#SECURITY-819
Related Vulnerabilities
CVE-2020-6541 Vulnerability in maven package org.webjars.npm:electron
CVE-2018-14042 Vulnerability in maven package org.webjars:bootstrap-sass
CVE-2023-39522 Vulnerability in npm package @goauthentik/api
CVE-2020-16042 Vulnerability in npm package electron
CVE-2023-36665 Vulnerability in maven package org.webjars.npm:github-com-protobufjs-protobuf-js