CVE-2019-16560

Summary

A cross-site request forgery vulnerability in Jenkins WebSphere Deployer Plugin 1.6.1 and earlier allows attackers to perform connection tests and determine whether files with an attacker-specified path exist on the Jenkins master file system.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins WebSphere Deployer Pluginunspecified <= 1.6.1affected
Jenkins projectJenkins WebSphere Deployer Pluginnext of 1.6.1 < unspecifiedunknown

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References