A missing permission check in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers with Overall/Read permission to connect to Frugal Testing using attacker-specified credentials.
{
"cwe_ids": [
"CWE-862"
],
"severity": "MODERATE",
"github_reviewed_at": "2024-01-30T23:01:54Z",
"github_reviewed": true,
"nvd_published_at": "2023-09-06T13:15:11Z"
}