CVE-2019-10359
CVE-2019-10359
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.6%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
31 Jul 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A cross-site request forgery vulnerability in Jenkins Maven Release Plugin 0.14.0 and earlier in the M2ReleaseAction#doSubmit method allowed attackers to perform releases with attacker-specified options.
Affected products
Jenkins project · Jenkins Maven Release Plugin