CVE-2022-30946

2022-05-1715:15:08

Google

osv.dev

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.2%

JSON

A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver.

CPENameOperatorVersion
script-security-plugineqscript-security-1.46
script-security-plugineqscript-security-1.77
script-security-plugineq1158.v7c1b_73a_69a_08
script-security-plugineqscript-security-1.25
script-security-plugineq1131.v8b_b_5eda_c328e
script-security-plugineqscript-security-1.3
script-security-plugineqscript-security-1.6
script-security-plugineqscript-security-1.2
script-security-plugineqscript-security-1.8
script-security-plugineqscript-security-1.71

Name	Operator	Version
script-security-plugin	eq	script-security-1.46
script-security-plugin	eq	script-security-1.77
script-security-plugin	eq	1158.v7c1b_73a_69a_08
script-security-plugin	eq	script-security-1.25
script-security-plugin	eq	1131.v8b_b_5eda_c328e
script-security-plugin	eq	script-security-1.3
script-security-plugin	eq	script-security-1.6
script-security-plugin	eq	script-security-1.2
script-security-plugin	eq	script-security-1.8
script-security-plugin	eq	script-security-1.71