Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins Snow Commander Plugin 2.0 and earlier versions contain a cross-site request forgery vulnerability that stems from a WEB application that does not adequately verify that the request is from a trusted user. An attacker could exploit the vulnerability to connect to an attacker-specified Web server via an attacker-specified credential ID and capture the credentials stored in Jenkins.