CVE-2022-28143

A cross-site request forgery CSRF vulnerability in Jenkins Proxmox Plugin 0.7.0 and earlier allows attackers to connect to an attacker-specified host using attacker-specified username and password perform a connection test, disable SSL/TLS validation for the entire Jenkins controller JVM as part ...

PT-2022-18843 · Jenkins · Jenkins Proxmox Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Proxmox Plugin version 0.7.0 and earlier Description: The issue allows attackers with Overall/Read permission to connect to a specified host using a specified username and password, and perform a connection test. This also enables the...