Lucene search
K

16 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:4 p.m.8 views

CVE-2022-34205

A cross-site request forgery CSRF vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...

6.5CVSS6.7AI score0.00468EPSS
Exploits0References1
OSV
OSV
added 2022/06/24 12:0 a.m.13 views

GHSA-Q8V3-7H6Q-G39Q Cross-Site Request Forgery in Jenkins Jianliao Notification Plugin

A cross-site request forgery CSRF vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...

4.3CVSS6.6AI score0.00468EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/06/24 12:0 a.m.24 views

Jenkins Jianliao Notification Plugin Missing Authorization vulnerability

Jenkins Jianliao Notification Plugin 1.1 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to send HTTP POST requests to an attacker-specified URL. Additionally, this form validation method does not require...

4.3CVSS4.8AI score0.00525EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/06/23 5:15 p.m.4 views

CVE-2022-34206

A missing permission check in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers with Overall/Read permission to send HTTP POST requests to an attacker-specified URL...

4.3CVSS6.4AI score0.00525EPSS
Exploits0References1
NVD
NVD
added 2022/06/23 5:15 p.m.19 views

CVE-2022-34205

A cross-site request forgery CSRF vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...

6.5CVSS0.00468EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/23 5:15 p.m.2 views

CVE-2022-34206

A missing permission check in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers with Overall/Read permission to send HTTP POST requests to an attacker-specified URL...

4.3CVSS6.2AI score0.00525EPSS
Exploits0References2
OSV
OSV
added 2022/06/23 5:15 p.m.5 views

CVE-2022-34205

A cross-site request forgery CSRF vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...

6.5CVSS6.5AI score0.00468EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/23 5:15 p.m.3 views

CVE-2022-34205

A cross-site request forgery CSRF vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...

6.5CVSS6.5AI score0.00468EPSS
Exploits0References2
Prion
Prion
added 2022/06/23 5:15 p.m.21 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...

4.3CVSS6.4AI score0.00468EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/06/22 2:41 p.m.102 views

CVE-2022-34206

CVE-2022-34206 concerns Jenkins Jianliao Notification Plugin (1.1 and earlier). The root cause is a missing permission check in a form-validation method, allowing attackers with Overall/Read to send HTTP POST requests to an attacker-specified URL and enabling CSRF. The issue is confirmed across m...

4.3CVSS4.3AI score0.00525EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/06/22 2:41 p.m.37 views

CVE-2022-34206

A missing permission check in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers with Overall/Read permission to send HTTP POST requests to an attacker-specified URL...

6.8AI score0.00525EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/06/22 2:41 p.m.26 views

CVE-2022-34205

A cross-site request forgery CSRF vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...

8AI score0.00468EPSS
Exploits0References1
CVE
CVE
added 2022/06/22 2:41 p.m.105 views

CVE-2022-34205

CVE-2022-34205 describes a CSRF vulnerability in Jenkins Jianliao Notification Plugin (versions 1.1 and earlier) that allows an attacker to cause the server to issue HTTP POST requests to an attacker-controlled URL. The connected notes corroborate the issue across multiple feeds, all citing the s...

6.5CVSS6.3AI score0.00468EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/06/22 12:0 a.m.6 views

Jenkins Plugin Jianliao Notification 跨站请求伪造漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. An attacker with overall/read permissions could exploit this vulnerability to...

4.3CVSS5.7AI score0.00525EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/06/22 12:0 a.m.3 views

PT-2022-22075 · Jenkins · Jenkins Jianliao Notification Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Jianliao Notification Plugin versions 1.1 and earlier Description: A cross-site request forgery CSRF issue allows attackers to send HTTP POST requests to an attacker-specified URL. This can be exploited by attackers to perform...

6.5CVSS6.2AI score0.00468EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/06/22 12:0 a.m.5 views

Jenkins Plugin Jianliao Notification 跨站请求伪造漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. POST requests to an attacker-specified URL...

6.5CVSS5.6AI score0.00468EPSS
Exploits0References4
Rows per page
Query Builder