Description
A cross-site request forgery vulnerability in Jenkins Deploy WebLogic Plugin allows attackers to connect to an attacker-specified URL using attacker-specified credentials, or determine whether a file or directory with an attacker-specified path exists on the Jenkins master file system.
Remediation
References
https://jenkins.io/security/advisory/2019-10-23/#SECURITY-820
http://www.openwall.com/lists/oss-security/2019/10/23/2
Related Vulnerabilities
CVE-2023-34189 Vulnerability in maven package org.apache.inlong:manager-service
CVE-2023-3691 Vulnerability in maven package org.webjars.bowergithub.diguoyihao:layui
CVE-2023-32070 Vulnerability in maven package org.xwiki.rendering:xwiki-rendering-xml
CVE-2022-43435 Vulnerability in maven package org.jenkins-ci.plugins.plugin:fireline
CVE-2015-5347 Vulnerability in maven package org.apache.wicket:wicket-extensions