2 matches found
CVE-2022-34210
CVE-2022-34210 — Jenkins ThreadFix Plugin : The vulnerability occurs in ThreadFix Plugin versions 1.5.4 and earlier due to a missing permission check in the form-validation path. This allows attackers with Overall/Read permission to cause the plugin to connect to an attacker-specified URL. The pu...
CVE-2022-34210
A missing permission check in Jenkins ThreadFix Plugin 1.5.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL...