Description
A cross-site request forgery vulnerability in Jenkins Artifactory Plugin 3.2.2 and earlier in ReleaseAction#doSubmit, GradleReleaseApiAction#doStaging, MavenReleaseApiAction#doStaging, and UnifiedPromoteBuildAction#doSubmit allowed attackers to schedule a release build, perform release staging for Gradle and Maven projects, and promote previously staged builds, respectively.
Remediation
References
Related Vulnerabilities
WebLogic CVE-2016-0574 Vulnerability (CVE-2016-0574)
Mibew Messenger Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-0829)
WordPress Plugin Synchi Arbitrary File Deletion (5.1)
WordPress Plugin Traffic Manager Multiple Vulnerabilities (1.4.5)
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-4613)