Jenkins Matrix Reloaded Plugin 1.1.3 and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery (CSRF) vulnerability. This vulnerability allows attackers to rebuild previous matrix builds.
Jenkins Matrix Reloaded Plugin 1.1.3 and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery (CSRF) vulnerability. This vulnerability allows attackers to rebuild previous matrix builds.