Slack Notification
Monthly
A cross-site request forgery vulnerability in Jenkins Slack Notification Plugin 2.19 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.
A missing permission check in Jenkins Slack Notification Plugin 2.19 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.
A cross-site request forgery vulnerability in Jenkins Slack Notification Plugin 2.19 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.
A missing permission check in Jenkins Slack Notification Plugin 2.19 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.