An improper authorization vulnerability exists in Jenkins Promoted Builds Plugin 2.31.1 and earlier in Status.java and ManualCondition.java that allow an attacker with read access to jobs to perform promotions.
{ "github_reviewed_at": "2024-01-30T22:43:31Z", "cwe_ids": [ "CWE-863" ], "nvd_published_at": "2018-03-13T13:29:00Z", "severity": "MODERATE", "github_reviewed": true }