CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

Veracode•added 2025/12/13 5:0 a.m.•4 views

Cross-site Request Forgery (CSRF)

org.jenkins-ci.plugins, publish-to-bitbucket is vulnerable to cross-site request forgery CSRF. The vulnerability is due to missing CSRF protection in the plugin configuration endpoints, which allows an attacker to force a victim to connect Jenkins to an attacker-controlled URL using...

5.4CVSS6.8AI score0.00026EPSS

Exploits0References4Affected Software1

Vulnrichment•added 2025/10/29 1:29 p.m.•1 views

CVE-2025-64141

A cross-site request forgery CSRF vulnerability in Jenkins Nexus Task Runner Plugin 0.9.2 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials...

6.4AI score0.00019EPSS

Exploits0References1

Positive Technologies•added 2022/07/27 12:0 a.m.•1 views

PT-2022-4025 · Jenkins · Jenkins Openshift Deployer Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins OpenShift Deployer Plugin versions 1.2.0 and earlier Description: The issue is related to a missing permission check in the plugin, which can be exploited by attackers with Overall/Read permission to connect to an attacker-specified U...

6.8CVSS6.2AI score0.00171EPSS

Exploits0References10

ATTACKERKB•added 2022/03/29 1:15 p.m.•2 views

CVE-2022-28136

A cross-site request forgery CSRF vulnerability in Jenkins JiraTestResultReporter Plugin 165.v817928553942 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials...

8.8CVSS5.8AI score0.00074EPSS

Exploits0References3

OSV•added 2022/02/15 5:15 p.m.•1 views

CVE-2022-25194

A cross-site request forgery CSRF vulnerability in Jenkins autonomiq Plugin 1.15 and earlier allows attackers to connect to an attacker-specified URL server using attacker-specified credentials...

8.8CVSS5.7AI score

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by