Vulnerabilities > Jenkins > Benchmark Evaluator > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-12 | CVE-2023-37962 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Benchmark Evaluator 1.0.0/1.0.1 A cross-site request forgery (CSRF) vulnerability in Jenkins Benchmark Evaluator Plugin 1.0.1 and earlier allows attackers to connect to an attacker-specified URL and to check for the existence of directories, `.csv`, and `.ycsb` files on the Jenkins controller file system. | 8.8 |