Moderate severityOSV Advisory· Published Jan 9, 2019· Updated Aug 5, 2024
CVE-2018-1000411
CVE-2018-1000411
Description
A cross-site request forgery vulnerability exists in Jenkins JUnit Plugin 1.25 and earlier in TestObject.java that allows setting the description of a test result.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.jenkins-ci.plugins:junitMaven | < 1.26 | 1.26 |
Affected products
2- Range: junit-1.0, junit-1.1, junit-1.10, …
Patches
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
6- github.com/advisories/GHSA-x9gm-m8pp-54vxghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-1000411ghsaADVISORY
- www.securityfocus.com/bid/106532mitrevdb-entryx_refsource_BID
- github.com/jenkinsci/junit-plugin/commit/091ee0dc8dd6023713827ce1a5914fa9fa9b6043ghsaWEB
- jenkins.io/security/advisory/2018-09-25/ghsax_refsource_CONFIRMWEB
- web.archive.org/web/20200227092927/http://www.securityfocus.com/bid/106532ghsaWEB
News mentions
0No linked articles in our index yet.