2 matches found
CVE-2022-36917
A missing permission check in Jenkins Google Cloud Backup Plugin 0.6 and earlier allows attackers with Overall/Read permission to request a manual backup...
CVE-2022-36917
CVE-2022-36917 affects Jenkins Google Cloud Backup Plugin 0.6 and earlier, where a missing permission check in an HTTP endpoint allows attackers with Overall/Read to request a manual backup. The issue can enable CSRF exposure due to non-POST endpoint usage and, per PT-security notes, may enable c...