Medium severity4.3NVD Advisory· Published Aug 1, 2018· Updated Jun 17, 2026
CVE-2018-1999039
CVE-2018-1999039
Description
A server-side request forgery vulnerability exists in Jenkins Confluence Publisher Plugin 2.0.1 and earlier in ConfluenceSite.java that allows attackers to have Jenkins submit login requests to an attacker-specified Confluence server URL with attacker specified credentials.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.jenkins-ci.plugins:confluence-publisherMaven | < 2.0.2 | 2.0.2 |
Affected products
1Patches
Vulnerability mechanics
References
3- github.com/advisories/GHSA-5339-9974-hqj9ghsaADVISORY
- jenkins.io/security/advisory/2018-07-30/nvdVendor AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2018-1999039ghsaADVISORY
News mentions
0No linked articles in our index yet.