Cross-site Request Forgery (CSRF)
Affecting org.jenkins-ci.plugins:relution-publisher artifact, versions [0,]Report new vulnerabilities
org.jenkins-ci.plugins:relution-publisher is a Jenkins plugin for the Relution Enterprise Appstore.
Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF). A missing permission check in a form validation method that does not require POST requests allows users with Overall/Read permission to initiate a connection test to an attacker-specified URL using attacker-specified credentials and attacker-specified HTTP proxy configuration.
There is no fixed version for