2 matches found
CVE-2022-34794
Missing permission checks in Jenkins Recipe Plugin 1.2 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML...
CVE-2022-34794
CVE-2022-34794 affects Jenkins Recipe Plugin (versions 1.2 and earlier). The root cause is missing permission checks, enabling attackers with Overall/Read to cause the plugin to send an HTTP request to an attacker‑supplied URL and parse the response as XML. Some sources also note the plugin could...