Git

Security Warnings

• CSRF vulnerability in Git plugin allows capturing credentials(last version affected: 3.3.1)
• CSRF vulnerability in Git plugin allows capturing credentials(last version affected: 3.4.0-beta-1)
• Users without Overall/Read are able to access lists of user names and node names(last version affected: 3.7.0)
• Server-side request forgery(last version affected: 3.9.0)
• Server-side request forgery(last version affected: 4.0.0-beta1)
• CSRF vulnerability(last version affected: 3.9.1)
• Stored XSS vulnerability(last version affected: 4.2.0)
• Stored XSS vulnerability(last version affected: 4.8.2)
• Multiple SCM plugins can check out from the controller file system(last version affected: 4.11.1)
• Lack of authentication mechanism in webhook(last version affected: 4.11.3)
• Improper masking of credentials(last version affected: 4.11.4)