4 matches found
CVE-2022-41236
A cross-site request forgery CSRF vulnerability in Jenkins Security Inspector Plugin 117.v6eecc36919c2 and earlier allows attackers to replace the generated report stored in a per-session cache and displayed to authorized users at the .../report URL with a report based on attacker-specified repor...
CVE-2022-41236
A cross-site request forgery CSRF vulnerability in Jenkins Security Inspector Plugin 117.v6eecc36919c2 and earlier allows attackers to replace the generated report stored in a per-session cache and displayed to authorized users at the .../report URL with a report based on attacker-specified repor...
CVE-2022-41236
The CVE-2022-41236 entry concerns the Jenkins Security Inspector Plugin (117.v6eecc36919c2 and earlier). The vulnerability is a cross-site request forgery (CSRF) that allows an attacker to replace the per-session cached report displayed at the …/report URL with a report generated from attacker-co...
PT-2022-4908 · Jenkins · Jenkins Security Inspector Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Security Inspector Plugin versions 117.v6eecc36919c2 and earlier Description: The issue is related to insufficient authentication of executed POST requests, allowing a remote attacker to perform a cross-site request forgery CSRF attac...