Lucene search
China National Vulnerability DatabaseCNVD-2022-08386HistoryJan 16, 2022 - 12:00 a.m.
Jenkins Bitbucket Branch Source Plugin Cross-Site Request Forgery Vulnerability
2022-01-1600:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
0.001 Low
EPSS
Percentile
51.1%
Jenkins is a Jenkins open source application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.The Jenkins Bitbucket Branch Source Plugin is vulnerable to cross-site request forgery, which stems from a WEB application that does not adequately verify that the request is from a trusted user. An attacker could use this vulnerability to spoof malicious requests to trick victims into clicking through to perform sensitive actions.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jenkins bitbucket branch source plugin | le | 2.9.10 |
Related
osv
osv
CVE-2022-20619
2022-01-12 20:15:09
Cross-Site Request Forgery in Jenkins Bitbucket Branch Source Plugin
2022-01-13 00:01:00
github
github
Cross-Site Request Forgery in Jenkins Bitbucket Branch Source Plugin
2022-01-13 00:01:00
nvd
nvd
CVE-2022-20619
2022-01-12 20:15:09
cve
cve
CVE-2022-20619
2022-01-12 20:15:09
redhatcve
redhatcve
CVE-2022-20619
2022-01-24 17:32:29
prion
prion
Cross site request forgery (csrf)
2022-01-12 20:15:00
cvelist
cvelist
CVE-2022-20619
2022-01-12 19:05:56
nessus
nessus
Jenkins LTS < 2.319.2 / Jenkins weekly < 2.330 Multiple Vulnerabilities
2022-01-21 00:00:00
Jenkins plugins Multiple Vulnerabilities (2022-01-12)
2022-01-21 00:00:00