Lucene search
+L

4 matches found

NVD
NVD
added 2022/09/21 4:15 p.m.24 views

CVE-2022-41236

A cross-site request forgery CSRF vulnerability in Jenkins Security Inspector Plugin 117.v6eecc36919c2 and earlier allows attackers to replace the generated report stored in a per-session cache and displayed to authorized users at the .../report URL with a report based on attacker-specified repor...

8.8CVSS0.00372EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/09/21 3:45 p.m.3 views

CVE-2022-41236

A cross-site request forgery CSRF vulnerability in Jenkins Security Inspector Plugin 117.v6eecc36919c2 and earlier allows attackers to replace the generated report stored in a per-session cache and displayed to authorized users at the .../report URL with a report based on attacker-specified repor...

6.5AI score0.00372EPSS
Exploits0References1
CVE
CVE
added 2022/09/21 3:45 p.m.76 views

CVE-2022-41236

The CVE-2022-41236 entry concerns the Jenkins Security Inspector Plugin (117.v6eecc36919c2 and earlier). The vulnerability is a cross-site request forgery (CSRF) that allows an attacker to replace the per-session cached report displayed at the …/report URL with a report generated from attacker-co...

8.8CVSS8.5AI score0.00372EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/09/21 12:0 a.m.5 views

PT-2022-4908 · Jenkins · Jenkins Security Inspector Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Security Inspector Plugin versions 117.v6eecc36919c2 and earlier Description: The issue is related to insufficient authentication of executed POST requests, allowing a remote attacker to perform a cross-site request forgery CSRF attac...

10CVSS8.6AI score0.00372EPSS
Exploits0References9
Rows per page
Query Builder