
We found results for “”
CVE-2025-31723
Good to know:

Date: April 2, 2025
A cross-site request forgery (CSRF) vulnerability in Jenkins Simple Queue Plugin 1.4.6 and earlier allows attackers to change and reset the build queue order.
Severity Score
Related Resources (5)
Severity Score
Weakness Type (CWE)
Cross-Site Request Forgery (CSRF)
CWE-352Top Fix

Upgrade Version
Upgrade to version io.jenkins.plugins:simple-queue:1.4.7;io.jenkins.plugins:simple-queue:1.4.7;https://github.com/jenkinsci/simple-queue-plugin.git - simple-queue-1.4.7
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | REQUIRED |
Scope (S): | UNCHANGED |
Confidentiality (C): | NONE |
Integrity (I): | LOW |
Availability (A): | NONE |