CVE-2021-21641: A cross-site request forgery (CSRF) vulnerability in Jenkins promoted builds Plugin 3.9 and earlier allows attackers to to promote builds.

medium4.3CVSS 3.1

AVNACLPRNUIRSUCNILAN

A cross-site request forgery (CSRF) vulnerability in Jenkins promoted builds Plugin 3.9 and earlier allows attackers to to promote builds.

6 ranges

Vendor	Product	Version range	Fixed in
jenkins	jenkins_core	—	—
jenkins	jenkins_lts	—	—
jenkins	jenkins_weekly	—	—
jenkins	opentext_application_automation_tools_plugin	—	—
jenkins	promoted_builds	<= 3.9	—
jenkins_project	jenkins_promoted_builds_plugin	unspecified – 3.9	—