21 matches found
EUVD-2022-6160
Malicious code in bioql PyPI...
CVE-2022-34205
A cross-site request forgery (CSRF) vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...
Cross-Site Request Forgery in Jenkins Jianliao Notification Plugin
A cross-site request forgery (CSRF) vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...
GHSA-Q8V3-7H6Q-G39Q Cross-Site Request Forgery in Jenkins Jianliao Notification Plugin
A cross-site request forgery (CSRF) vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...
GHSA-V6H8-5CP2-J9W4 Jenkins Jianliao Notification Plugin Missing Authorization vulnerability
Jenkins Jianliao Notification Plugin 1.1 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to send HTTP POST requests to an attacker-specified URL. Additionally, this form validation method does not require...
Jenkins Jianliao Notification Plugin Missing Authorization vulnerability
Jenkins Jianliao Notification Plugin 1.1 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to send HTTP POST requests to an attacker-specified URL. Additionally, this form validation method does not require...
CVE-2022-34205
A cross-site request forgery (CSRF) vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...
CVE-2022-34205
A cross-site request forgery (CSRF) vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...
CVE-2022-34206
A missing permission check in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers with Overall/Read permission to send HTTP POST requests to an attacker-specified URL...
CVE-2022-34206
A missing permission check in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers with Overall/Read permission to send HTTP POST requests to an attacker-specified URL...
CVE-2022-34205
A cross-site request forgery (CSRF) vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...
Design/Logic Flaw
A missing permission check in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers with Overall/Read permission to send HTTP POST requests to an attacker-specified URL...
Cross-Site Request Forgery (CSRF)
A cross-site request forgery (CSRF) vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...
CVE-2022-34206
A missing permission check in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers with Overall/Read permission to send HTTP POST requests to an attacker-specified URL...
CVE-2022-34206
CVE-2022-34206 concerns Jenkins Jianliao Notification Plugin (1.1 and earlier). The root cause is a missing permission check in a form-validation method, allowing attackers with Overall/Read to send HTTP POST requests to an attacker-specified URL and enabling CSRF. The issue is confirmed across m...
CVE-2022-34205
A cross-site request forgery (CSRF) vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...
CVE-2022-34205
CVE-2022-34205 describes a CSRF vulnerability in Jenkins Jianliao Notification Plugin (versions 1.1 and earlier) that allows an attacker to cause the server to issue HTTP POST requests to an attacker-controlled URL. The connected notes corroborate the issue across multiple feeds, all citing the s...
Jenkins Plugin Jianliao Notification Cross-Site Request Forgery Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. POST requests to an attacker-specified URL...
PT-2022-22075 · Jenkins · Jenkins Jianliao Notification Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Jianliao Notification Plugin versions 1.1 and earlier. Description: A cross-site request forgery (CSRF) issue allows attackers to send HTTP POST requests to an attacker-specified URL. This can be exploited by attackers to perform...
PT-2022-22076 · Jenkins · Jenkins Jianliao Notification Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Jianliao Notification Plugin versions 1.1 and earlier. Description: A missing permission check in the plugin allows attackers with Overall/Read permission to send HTTP POST requests to an attacker-specified URL. This issue also results...