| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.jenkins-ci.plugins:reverse-proxy-auth-plugin | maven | < 1.7.5 | 1.7.5 |

The vulnerability stems from form validation endpoints accepting GET requests. In Jenkins plugins:
While the exact code changes aren't shown, the advisory explicitly states that the root cause was missing POST enforcement on a validation endpoint. The LDAP server and credential fields would require validation methods matching these signatures. Confidence is high for `doCheckLdapServer`, as it directly relates to the LDAP server parameter mentioned in the CVE description.
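
To audit a plugin for the same pattern, a reviewer can flag form validation methods that carry neither of Stapler's `@POST` or `@RequirePOST` annotations. The script below is an added example, not code from the plugin or the advisory; the embedded Java is constructed, `doCheckGroupSearch` is a hypothetical name, and the check is a line-based heuristic rather than a Java parser.

```python
import re

# Constructed Java sample, not the plugin's real source. doCheckLdapServer is
# the method name the page infers; doCheckGroupSearch is hypothetical.
SAMPLE_JAVA = '''
public class DescriptorImpl extends Descriptor<SecurityRealm> {
    // Reachable with a plain GET: no POST guard on the validation method.
    public FormValidation doCheckLdapServer(@QueryParameter String server) {
        return FormValidation.ok();
    }

    @POST
    public FormValidation doCheckGroupSearch(@QueryParameter String value) {
        return FormValidation.ok();
    }
}
'''

METHOD = re.compile(r'\bFormValidation\s+(do[A-Z]\w*)\s*\(')
GUARD = re.compile(r'@(?:[\w.]+\.)?(?:POST|RequirePOST)\b')


def unguarded_validators(source):
    """Return (line_number, method_name) for FormValidation methods with no POST guard."""
    lines = source.splitlines()
    findings = []
    for i, line in enumerate(lines):
        m = METHOD.search(line)
        if not m:
            continue
        # Annotations sit before the return type on the same line or on the lines directly above.
        annotated = [line[:m.start()]]
        j = i - 1
        while j >= 0 and lines[j].strip().startswith('@'):
            annotated.append(lines[j])
            j -= 1
        if not any(GUARD.search(a) for a in annotated):
            findings.append((i + 1, m.group(1)))
    return findings


if __name__ == "__main__":
    for lineno, name in unguarded_validators(SAMPLE_JAVA):
        print(f"line {lineno}: {name} accepts GET (no @POST/@RequirePOST)")
```

A hit is a lead for manual review, not a confirmed finding: an annotation separated from the declaration by a comment or blank line is missed by this heuristic.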