CVE-2023-49655
published 2023-11-29CVE-2023-49655: A cross-site request forgery (CSRF) vulnerability in Jenkins MATLAB Plugin 2.11.0 and earlier allows attackers to have Jenkins parse an XML file from the…
high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
A cross-site request forgery (CSRF) vulnerability in Jenkins MATLAB Plugin 2.11.0 and earlier allows attackers to have Jenkins parse an XML file from the Jenkins controller file system.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | google_compute_engine_plugin | — | — |
| jenkins | jira_plugin | — | — |
| jenkins | matlab | < 2.11.1 | 2.11.1 |
| jenkins | matlab_plugin | — | — |
| jenkins_project | jenkins_matlab_plugin | <= 2.11.0 | — |