Description
A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0.5 and earlier allows attacker to execute arbitrary OS commands as the OS user account running Jenkins.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2022-5694 | A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0.5 and earlier allows attacker to execute arbitrary OS commands as the OS user account running Jenkins. |
Github GHSA |
GHSA-x37x-3fw2-5qw2 | CSRF vulnerability in Jenkins Sounds Plugin allow OS command execution |
References
History
No history.
Status: PUBLISHED
Assigner: jenkins
Published:
Updated: 2024-08-04T07:01:39.583Z
Reserved: 2019-12-05T00:00:00.000Z
Link: CVE-2020-2098
No data.
Status : Modified
Published: 2020-01-15T16:15:15.073
Modified: 2026-06-17T03:11:45.130
Link: CVE-2020-2098
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-352
Cross-Site Request Forgery (CSRF)
EUVD
Github GHSA