Jenkins: >> Audit To Database >> 0.2 Security Vulnerabilities
A cross-site request forgery vulnerability in Jenkins Audit to Database Plugin in the DbAuditPublisherDescriptorImpl#doTestJdbcConnection form validation method allows attackers to initiate a connection to an attacker-specified server.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-04-04
A missing permission check in Jenkins Audit to Database Plugin in the DbAuditPublisherDescriptorImpl#doTestJdbcConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-04-04