Vulnerabilities > Jenkins > Avatar > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-08-07 | CVE-2019-10377 | Missing Authorization vulnerability in Jenkins Avatar 1.0/1.1/1.2 A missing permission check in Jenkins Avatar Plugin 1.2 and earlier allows attackers with Overall/Read access to change the avatar of any user of Jenkins. | 4.3 |