Lucene search
K

14 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:4 p.m.8 views

CVE-2022-34205

A cross-site request forgery CSRF vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...

6.5CVSS6.7AI score0.00468EPSS
Exploits0References1
OSV
OSV
added 2022/06/24 12:0 a.m.13 views

GHSA-Q8V3-7H6Q-G39Q Cross-Site Request Forgery in Jenkins Jianliao Notification Plugin

A cross-site request forgery CSRF vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...

4.3CVSS6.6AI score0.00468EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/06/24 12:0 a.m.24 views

Jenkins Jianliao Notification Plugin Missing Authorization vulnerability

Jenkins Jianliao Notification Plugin 1.1 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to send HTTP POST requests to an attacker-specified URL. Additionally, this form validation method does not require...

4.3CVSS4.8AI score0.00525EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/06/23 5:15 p.m.4 views

CVE-2022-34206

A missing permission check in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers with Overall/Read permission to send HTTP POST requests to an attacker-specified URL...

4.3CVSS6.4AI score0.00525EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/23 5:15 p.m.2 views

CVE-2022-34206

A missing permission check in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers with Overall/Read permission to send HTTP POST requests to an attacker-specified URL...

4.3CVSS6.2AI score0.00525EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/06/23 5:15 p.m.2 views

CVE-2022-34205

A cross-site request forgery CSRF vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...

6.5CVSS6.5AI score0.00468EPSS
Exploits0References2
NVD
NVD
added 2022/06/23 5:15 p.m.19 views

CVE-2022-34205

A cross-site request forgery CSRF vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...

6.5CVSS0.00468EPSS
Exploits0References1
OSV
OSV
added 2022/06/23 5:15 p.m.5 views

CVE-2022-34205

A cross-site request forgery CSRF vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...

6.5CVSS6.5AI score0.00468EPSS
Exploits0References1
Prion
Prion
added 2022/06/23 5:15 p.m.21 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...

4.3CVSS6.4AI score0.00468EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/06/22 2:41 p.m.102 views

CVE-2022-34206

CVE-2022-34206 concerns Jenkins Jianliao Notification Plugin (1.1 and earlier). The root cause is a missing permission check in a form-validation method, allowing attackers with Overall/Read to send HTTP POST requests to an attacker-specified URL and enabling CSRF. The issue is confirmed across m...

4.3CVSS4.3AI score0.00525EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/06/22 2:41 p.m.37 views

CVE-2022-34206

A missing permission check in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers with Overall/Read permission to send HTTP POST requests to an attacker-specified URL...

6.8AI score0.00525EPSS
Exploits0References1
CVE
CVE
added 2022/06/22 2:41 p.m.105 views

CVE-2022-34205

CVE-2022-34205 describes a CSRF vulnerability in Jenkins Jianliao Notification Plugin (versions 1.1 and earlier) that allows an attacker to cause the server to issue HTTP POST requests to an attacker-controlled URL. The connected notes corroborate the issue across multiple feeds, all citing the s...

6.5CVSS6.3AI score0.00468EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/06/22 2:41 p.m.26 views

CVE-2022-34205

A cross-site request forgery CSRF vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...

8AI score0.00468EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/06/22 12:0 a.m.3 views

PT-2022-22075 · Jenkins · Jenkins Jianliao Notification Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Jianliao Notification Plugin versions 1.1 and earlier Description: A cross-site request forgery CSRF issue allows attackers to send HTTP POST requests to an attacker-specified URL. This can be exploited by attackers to perform...

6.5CVSS6.2AI score0.00468EPSS
Exploits0References5
Rows per page
Query Builder