CVE-2017-1000243

Jenkins Favorite Plugin 2.1.4 and older does not perform permission checks when changing favorite status, allowing any user to set any other user's favorites
Configurations

Configuration 1 (hide)

cpe:2.3:a:jenkins:favorite_plugin:*:*:*:*:*:jenkins:*:*

History

No history.

Information

Published : 2017-11-01 13:29

Updated : 2024-02-28 16:04


NVD link : CVE-2017-1000243

Mitre link : CVE-2017-1000243

CVE.ORG link : CVE-2017-1000243


JSON object : View

Products Affected

jenkins

  • favorite_plugin
CWE
CWE-862

Missing Authorization