CVE-2019-10437 is a vulnerability in Jenkins Crx Content Package Deployer
Published on October 16, 2019
A cross-site request forgery vulnerability in Jenkins CRX Content Package Deployer Plugin 1.8.1 and earlier allowed attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
Products Associated with CVE-2019-10437
Want to know whenever a new CVE is published for Jenkins Crx Content Package Deployer? stack.watch will email you.
Affected Versions
Jenkins project Jenkins CRX Content Package Deployer Plugin Version 1.8.1 and earlier is affected by CVE-2019-10437Exploit Probability
EPSS
0.09%
Percentile
25.97%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.