cbcvebase.
CVE-2019-10462
published 2019-10-23

CVE-2019-10462: A cross-site request forgery vulnerability in Jenkins Dynatrace Application Monitoring Plugin 2.1.3 and earlier allowed attackers to connect to an…

high8.1CVSS 3.1
AVNACLPRNUIRSUCHIHAN
A cross-site request forgery vulnerability in Jenkins Dynatrace Application Monitoring Plugin 2.1.3 and earlier allowed attackers to connect to an attacker-specified URL using attacker-specified credentials.

Affected

12 ranges
VendorProductVersion rangeFixed in
jenkinsbitbucket_oauth_plugin
jenkinsdeploy_weblogic_plugin
jenkinsdynatrace_application_monitoring<= 2.1.3
jenkinsdynatrace_application_monitoring_plugin
jenkinsglobal_post_script_plugin
jenkinsids_in_libvirt_agents_plugin
jenkinsids_to_allow_users_configuring_the_plugin
jenkinslibvirt_agents_plugin
jenkinsmattermost_notification_plugin
jenkinssonar_gerrit_plugin
jenkinszulip_plugin
jenkins_projectjenkins_dynatrace_application_monitoring_plugin