← Back

CVE-2026-57305

nvd nist
Published: Jun 24, 2026Modified: Jun 25, 2026

JSON object

Loading...
5.4
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Exploitability: 2.8 / Impact: 2.5
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

A cross-site request forgery (CSRF) vulnerability in Jenkins Assembla Plugin 1.4 and earlier allows attackers to connect to an attacker-specified URL using an attacker-specified username and password.

Affected (1)

Products: Jenkins: Assembla
1 product
Assembla
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Up to 1.4

References (1)

Source: jenkinsci-cert@googlegroups.com
Vendor Advisory

Timeline

No history available yet.