Jenkins Subversion Partial Release Manager vulnerabilities

CVE-2024-34148 [MEDIUM] CVE-2024-34148: Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier programmatically disables the fi Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier programmatically disables the fix for CVE-2016-3721 whenever a build is triggered from a release tag, by setting the Java system property 'hudson.model.ParametersAction.keepUndefinedParameters'.

CVE-2024-28158 [MEDIUM] CWE-352 CVE-2024-28158: A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Partial Release Manager Plug A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers to trigger a build.

CVE-2024-28159 [MEDIUM] CWE-862 CVE-2024-28159: A missing permission check in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier al A missing permission check in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers with Item/Read permission to trigger a build.

CVE-2020-2199 [MEDIUM] CWE-79 CVE-2020-2199: Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier does not escape the error messag Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier does not escape the error message for the repository URL field form validation, resulting in a reflected cross-site scripting vulnerability.