Allele Security Alert
ASA-2019-00103, SECURITY-818, CVE-2019-1003020
Cross-Site Request Forgery (CSRF) vulnerability and missing permission checks in Kanboard Plugin allowed Server-Side Request Forgery (SSRF)
Jenkins Kanboard Plugin
Kanboard Plugin up to and including 1.5.10
Kanboard Plugin version 1.5.11
Proof of concept
Kanboard Plugin did not perform permission checks on a method implementing form validation. This allowed users with Overall/Read access to Jenkins to have Jenkins submit a GET request to an attacker-specified URL (Server-Side Request Forgery).
Additionally, this form validation method did not require POST requests, so it could be invoked with a GET request from another site, resulting in a Cross-Site Request Forgery (CSRF) vulnerability.
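The pattern described above, shown as an added illustrative example in Java that is not the Kanboard Plugin's code (the class, method and parameter names are hypothetical): a Jenkins GlobalConfiguration descriptor with the unsafe form-validation method beside its hardened counterpart. The hardened method rejects GET requests via Stapler's @RequirePOST and requires Overall/Administer before any outbound request is made.

```java
// Added example, not taken from the Kanboard Plugin. Class and method names are
// hypothetical; the Jenkins/Stapler APIs used are real.
package example.jenkins.plugin;

import hudson.Extension;
import hudson.util.FormValidation;
import jenkins.model.GlobalConfiguration;
import jenkins.model.Jenkins;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.interceptor.RequirePOST;

import java.net.HttpURLConnection;
import java.net.URL;

@Extension
public class ExampleGlobalConfiguration extends GlobalConfiguration {

    // VULNERABLE pattern, as described in the advisory: Stapler exposes this as
    // .../descriptorByName/<class>/checkServerUrlVulnerable?value=<url>, it
    // accepts GET, and it never checks a permission. Any user with Overall/Read
    // (or a victim lured to a page containing an <img>/<a> pointing at it) makes
    // Jenkins fetch an attacker-chosen URL.
    public FormValidation doCheckServerUrlVulnerable(@QueryParameter String value) {
        return probe(value);
    }

    // HARDENED pattern: GET is refused by Stapler (a cross-site GET therefore
    // fails, and the POST path is covered by Jenkins' CSRF crumb), and the
    // caller must hold Overall/Administer before any request leaves Jenkins.
    @RequirePOST
    public FormValidation doCheckServerUrl(@QueryParameter String value) {
        Jenkins.get().checkPermission(Jenkins.ADMINISTER);
        return probe(value);
    }

    // Shared connectivity check: issues one GET to the supplied URL and reports
    // the result back to the configuration form.
    private static FormValidation probe(String value) {
        if (value == null || value.trim().isEmpty()) {
            return FormValidation.ok();
        }
        try {
            HttpURLConnection conn = (HttpURLConnection) new URL(value).openConnection();
            conn.setRequestMethod("GET");
            conn.setConnectTimeout(5000);
            conn.setReadTimeout(5000);
            int status = conn.getResponseCode();
            return status == HttpURLConnection.HTTP_OK
                    ? FormValidation.ok("Reachable")
                    : FormValidation.warning("Server answered HTTP " + status);
        } catch (Exception e) {
            return FormValidation.error("Could not reach " + value + ": " + e.getMessage());
        }
    }
}
```

Two caveats a reviewer would check alongside the Java change: the config-form Jelly must ask the browser to validate with POST (for example `<f:textbox field="serverUrl" checkMethod="post"/>`), otherwise the hardened method breaks the live validation on the settings page; and the permission check must run before the outbound request, not after, since the request itself is the SSRF.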
Thomas de Grenier de Latour
Jenkins Security Advisory 2019-01-28
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: March 6, 2019