cvedb.io
CVE-2018-1999032
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2018-08-01T13:29:00.687 · Last modified 2026-06-17T01:48:19.120

Summary

A data modification vulnerability exists in Jenkins Agiletestware Pangolin Connector for TestRail Plugin 2.1 and earlier in GlobalConfig.java that allows attackers with Overall/Read permission to override this plugin's configuration by sending crafted HTTP requests to an unprotected endpoint.

Affected products

agiletestware — pangolin_connector_for_testrail

Does this affect you?

Add your gear to cvedb and we'll alert you only when agiletestware ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.