Vulnerabilities > Jenkins > Fortify ON Demand Uploader > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-28 | CVE-2019-1003047 | Missing Authorization vulnerability in Jenkins Fortify on Demand Uploader A missing permission check in Jenkins Fortify on Demand Uploader Plugin 3.0.10 and earlier allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server. | 6.5 |
| 2019-03-28 | CVE-2019-1003046 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Fortify on Demand Uploader A cross-site request forgery vulnerability in Jenkins Fortify on Demand Uploader Plugin 3.0.10 and earlier allows attackers to initiate a connection to an attacker-specified server. | 6.5 |