4 matches found
CVE-2022-28139
A missing permission check in Jenkins RocketChat Notifier Plugin 1.4.10 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials...
CVE-2022-28139
creationtimestamp| type| source ---|---|--- 2022-03-29 16:41:22+00:00| seen| https://t.me/cibsecurity/39732...
CVE-2022-28139
A missing permission check in Jenkins RocketChat Notifier Plugin 1.4.10 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials...
CVE-2022-28139
CVE-2022-28139 affects Jenkins RocketChat Notifier Plugin 1.4.10 and earlier. A missing permission check in a form-validation path allows attackers with Overall/Read to connect to an attacker-specified URL using attacker-specified credentials (potential CSRF in related endpoints). Affected versio...