Lucene search
China National Vulnerability DatabaseCNVD-2022-54940HistoryMar 31, 2022 - 12:00 a.m.
Jenkins JiraTestResultReporter Plugin跨站请求伪造漏洞
2022-03-3100:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
0.001 Low
EPSS
Percentile
34.5%
Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins JiraTestResultReporter Plugin 165.v817928553942 and earlier versions are vulnerable to cross-site request forgery, which stems from a form validation method that does not require a POST request The vulnerability can be exploited to connect to a specified URL using its specified credentials.
Related
nvd
nvd
CVE-2022-28136
2022-03-29 13:15:08
cve
cve
CVE-2022-28136
2022-03-29 13:15:08
osv
osv
CSRF vulnerability and missing permission check in Jenkins JiraTestResultReporter Plugin
2022-03-30 00:00:25
CVE-2022-28136
2022-03-29 13:15:08
prion
prion
Cross site request forgery (csrf)
2022-03-29 13:15:00
cvelist
cvelist
CVE-2022-28136
2022-03-29 12:30:48
alpinelinux
alpinelinux
CVE-2022-28136
2022-03-29 13:15:08
github
github
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2022-03-29)
2022-03-31 00:00:00