Full title: Jenkins 1.626 - Cross Site Request Forgery / Code Execution Vulnerabilities 
Category: web applications
Platform: java
Cross site request forgery vulnerability in Jenkins 1.626 allows remote attackers to hjiack the authentication of users for most request. Using CSRF it is able to change specific settings or even execute code on os.

# 0day.today @ http://0day.today/