もっと詳しく

Flaky Test Handler Plugin 1.0.4 and earlier does not require POST requests for the “Deflake this build” feature, resulting in a cross-site request forgery (CSRF) vulnerability.

This vulnerability allows attackers to rebuild a project at a previous git revision where the tests were failing.

References