CVE-2019-10307

Summary

A cross-site request forgery vulnerability in Jenkins Static Analysis Utilities Plugin 1.95 and earlier in the DefaultGraphConfigurationView#doSave form handler method allowed attackers to change the per-job default graph configuration for all users.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Static Analysis Utilities Plugin1.95 and earlieraffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References