CVE-2025-27624
CVE-2025-27624
Título es
CVE-2025-27624
Mié, 05/03/2025 – 23:15
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2025-27624
Descripción en
A cross-site request forgery (CSRF) vulnerability in Jenkins 2.499 and earlier, LTS 2.492.1 and earlier allows attackers to have users toggle their collapsed/expanded status of sidepanel widgets (e.g., Build Queue and Build Executor Status widgets).
06/03/2025
06/03/2025
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
Pendiente de análisis
Referencias
https://www.jenkins.io/security/advisory/2025-03-05/#SECURITY-3498
Enviar en el boletín
Off
