Vulnerabilities > Jenkins > Build Failure Analyzer > High

DATE CVE VULNERABILITY TITLE RISK
2023-09-20 CVE-2023-43500 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Build Failure Analyzer
A cross-site request forgery (CSRF) vulnerability in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers to connect to an attacker-specified hostname and port using attacker-specified username and password.
network
low complexity
jenkins CWE-352
8.8
2019-12-17 CVE-2019-16553 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Build Failure Analyzer
A cross-site request forgery vulnerability in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier allows attackers to have Jenkins evaluate a computationally expensive regular expression.
network
low complexity
jenkins CWE-352
8.8