Cross-Site Request Forgery (CSRF)
Affecting org.jenkins-ci.plugins:jx-resources artifact, versions [,1.0.37)
org.jenkins-ci.plugins:jx-resources is a Jenkins plugin for managing Jenkins X kubernetes resources.
Affected versions of this package are vulnerable to Cross-Site Request Forgery (CSRF).
A vulnerability in Jenkins JX Resources Plugin and earlier in
GlobalPluginConfiguration#doValidateClient allowed attackers to have Jenkins connect to an attacker-specified Kubernetes server, potentially leaking credentials.
org.jenkins-ci.plugins:jx-resources to version 1.0.37 or higher.