CVE-2019-10359

Summary

A cross-site request forgery vulnerability in Jenkins Maven Release Plugin 0.14.0 and earlier in the M2ReleaseAction#doSubmit method allowed attackers to perform releases with attacker-specified options.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Maven Release Plugin0.14.0 and earlieraffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References