Description
A cross-site request forgery vulnerability in Jenkins Static Analysis Utilities Plugin 1.95 and earlier in the DefaultGraphConfigurationView#doSave form handler method allowed attackers to change the per-job default graph configuration for all users.
Remediation
References
http://www.openwall.com/lists/oss-security/2019/04/30/5
http://www.securityfocus.com/bid/108159
https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1100