The vulnerability stems from form validation methods in the listed files that:

1. Lacked `@RequirePOST` annotations, making them CSRF-vulnerable
2. Used `doCheck*`/`doFill*` patterns for form validation
3. Performed sensitive vSphere operations or used credentials
4. Only required Overall/Read access instead of Administer permissions

The patched version 2.17 added POST requirements and permission checks, confirming that these validation handlers were the attack surface.

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.jenkins-ci.plugins:vsphere-cloud | maven | <= 2.16 | 2.17 |
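
The handler pattern described above can be audited in plugin source. The following Python script is an added example, not code from the plugin or the advisory: it flags `doCheck*`/`doFill*` handlers that lack `@RequirePOST` (or Stapler's `@POST`) or contain no `checkPermission` call. The Java sample and its method names are constructed for illustration, and the regex and brace matching are heuristics.

```python
import re

# Constructed sample, not the plugin's source: three Stapler form handlers.
SAMPLE_JAVA = """
public class ExampleDescriptor {
    public FormValidation doCheckHost(@QueryParameter String value) {
        return connect(value);
    }
    @RequirePOST
    public FormValidation doCheckTemplate(@QueryParameter String value) {
        Jenkins.get().checkPermission(Jenkins.ADMINISTER);
        return lookup(value);
    }
    @RequirePOST
    public ListBoxModel doFillCredentialsIdItems() {
        return listCredentials();
    }
}
"""
# Leading annotations, then a public doCheck*/doFill* method declaration.
METHOD = re.compile(
    r"(?P<annos>(?:@\w+(?:\([^)]*\))?\s+)*)"
    r"public\s+[\w<>\[\].]+\s+(?P<name>do(?:Check|Fill)\w+)\s*\(")

def method_body(src, start):
    """Return the brace-balanced body that opens at the first '{' after start."""
    open_at = src.index("{", start)
    depth = 0
    for i in range(open_at, len(src)):
        depth += {"{": 1, "}": -1}.get(src[i], 0)
        if depth == 0:
            return src[open_at:i + 1]
    return src[open_at:]  # unbalanced input: return the rest

def audit(src):
    """List (method, issues) for handlers missing a POST restriction or permission check."""
    findings = []
    for m in METHOD.finditer(src):
        issues = []
        if not re.search(r"@(?:RequirePOST|POST)\b", m.group("annos")):
            issues.append("no @RequirePOST")
        # Heuristic: any checkPermission call counts; which permission is not verified.
        if "checkPermission(" not in method_body(src, m.end()):
            issues.append("no permission check")
        if issues:
            findings.append((m.group("name"), issues))
    return findings

if __name__ == "__main__":
    print("\n".join(f"{n}: {', '.join(i)}" for n, i in audit(SAMPLE_JAVA)))
```

A handler that passes this check can still be under-protected if it checks only Overall/Read, so flagged and unflagged methods both need a manual look at which permission is required.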