CVE-2022-27214

2022-03-1516:46:06

jenkins

www.cve.org

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.0%

JSON

A cross-site request forgery (CSRF) vulnerability in Jenkins Release Helper Plugin 1.3.3 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials.

CNA Affected

[
  {
    "product": "Jenkins Release Helper Plugin",
    "vendor": "Jenkins project",
    "versions": [
      {
        "lessThanOrEqual": "1.3.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "unknown",
        "version": "next of 1.3.3",
        "versionType": "custom"
      }
    ]
  }
]