Description
A cross-site request forgery (CSRF) vulnerability in Jenkins MATLAB Plugin 2.11.0 and earlier allows attackers to have Jenkins parse an XML file from the Jenkins controller file system.
Remediation
References
https://www.jenkins.io/security/advisory/2023-11-29/#SECURITY-3193
http://www.openwall.com/lists/oss-security/2023/11/29/1
Related Vulnerabilities
CVE-2016-5002 Vulnerability in maven package org.apache.xmlrpc:xmlrpc
CVE-2015-1832 Vulnerability in maven package org.apache.derby:derby
CVE-2023-49093 Vulnerability in maven package org.htmlunit:htmlunit
CVE-2016-10735 Vulnerability in maven package li.rudin.mavenjs:bootstrap
CVE-2019-5427 Vulnerability in maven package com.mchange:c3p0