GHSA-95jq-24cr-pgrq
GitHub Security Advisory
Cross-site request forgery in Jenkins Gerrit Trigger Plugin
✓ GitHub Reviewed
MODERATE
Has CVE
Advisory Details
A cross-site request forgery (CSRF) vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit.
Affected Packages
Maven
com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger
Affected versions:
0
(fixed in 2.38.1)
Related CVEs
Key Information
5.0
/10
Dataset
Last updated: July 5, 2025 6:26 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.