A missing permission check in Jenkins XP-Dev Plugin 1.0 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to an attacker-specified repository.
{
"cwe_ids": [
"CWE-862"
],
"severity": "MODERATE",
"github_reviewed_at": "2022-11-21T22:23:19Z",
"github_reviewed": true,
"nvd_published_at": "2022-11-15T20:15:00Z"
}