CVE-2018-1999039
01.08.2018, 13:29
A server-side request forgery vulnerability exists in Jenkins Confluence Publisher Plugin 2.0.1 and earlier in ConfluenceSite.java that allows attackers to have Jenkins submit login requests to an attacker-specified Confluence server URL with attacker specified credentials.
| Vendor | Product | Version |
|---|---|---|
| jenkins | confluence_publisher | 𝑥 ≤ 2.0.1 |
𝑥
= Vulnerable software versions