CVE-2018-8718 · CVEKit

cve.orgen

238 chars

Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request.

NVDen

238 chars

Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request.

OSV.deven

238 chars

Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request.

GHSAen

238 chars

Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request.

NVDes

268 chars

Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el plugin Mailer 1.20 para Jenkins 2.111 permite que usuarios autenticados remotos envíen correos no autorizados como un usuario arbitrario mediante una petición /descriptorByName/hudson.tasks.Mailer/sendTestMail.

CVSS metrics across sources

3

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.0	6.8	6.4	AV:N/AC:M/Au:S/C:P/I:P/A:P
3.0	Primary	NVD	8.0	2.1	5.9	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H