4 matches found
CVE-2022-28138
A cross-site request forgery CSRF vulnerability in Jenkins RocketChat Notifier Plugin 1.4.10 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credential...
CVE-2022-28138
A cross-site request forgery CSRF vulnerability in Jenkins RocketChat Notifier Plugin 1.4.10 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credential...
CVE-2022-28138
CVE-2022-28138 is a CSRF flaw in Jenkins RocketChat Notifier Plugin 1.4.10 and earlier that allows an attacker with no special privileges to cause the controller to connect to a URL of the attacker’s choosing using attacker‑supplied credentials. The linked sources confirm the affected component (...
CVE-2022-28138
A cross-site request forgery CSRF vulnerability in Jenkins RocketChat Notifier Plugin 1.4.10 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credential...