2 matches found
CVE-2022-41236
A cross-site request forgery CSRF vulnerability in Jenkins Security Inspector Plugin 117.v6eecc36919c2 and earlier allows attackers to replace the generated report stored in a per-session cache and displayed to authorized users at the .../report URL with a report based on attacker-specified repor...
CVE-2022-41236
The CVE-2022-41236 entry concerns the Jenkins Security Inspector Plugin (117.v6eecc36919c2 and earlier). The vulnerability is a cross-site request forgery (CSRF) that allows an attacker to replace the per-session cached report displayed at the …/report URL with a report generated from attacker-co...