Lucene search
K

7 matches found

RedHat Linux
RedHat Linux
added 2022/02/25 1:4 a.m.4 views

jenkins: no POST request is required for the endpoint handling manual build requests which could result in CSRF

A Cross-site request forgery CSRF vulnerability was found in Jenkins. The POST requests are not required for the HTTP endpoint handling manual build requests when no security realm is set. This flaw allows an attacker to trigger the building of a job without parameters...

4.3CVSS7.1AI score0.01779EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/02/24 3:15 p.m.4 views

jenkins: no POST request is required for the endpoint handling manual build requests which could result in CSRF

A Cross-site request forgery CSRF vulnerability was found in Jenkins. The POST requests are not required for the HTTP endpoint handling manual build requests when no security realm is set. This flaw allows an attacker to trigger the building of a job without parameters...

4.3CVSS7.1AI score0.01779EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/02/16 11:19 a.m.3 views

jenkins: no POST request is required for the endpoint handling manual build requests which could result in CSRF

A Cross-site request forgery CSRF vulnerability was found in Jenkins. The POST requests are not required for the HTTP endpoint handling manual build requests when no security realm is set. This flaw allows an attacker to trigger the building of a job without parameters...

4.3CVSS7.1AI score0.01779EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/02/16 6:50 a.m.6 views

jenkins: no POST request is required for the endpoint handling manual build requests which could result in CSRF

A Cross-site request forgery CSRF vulnerability was found in Jenkins. The POST requests are not required for the HTTP endpoint handling manual build requests when no security realm is set. This flaw allows an attacker to trigger the building of a job without parameters...

4.3CVSS7.1AI score0.01779EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/02/10 6:11 a.m.7 views

jenkins: no POST request is required for the endpoint handling manual build requests which could result in CSRF

A Cross-site request forgery CSRF vulnerability was found in Jenkins. The POST requests are not required for the HTTP endpoint handling manual build requests when no security realm is set. This flaw allows an attacker to trigger the building of a job without parameters...

4.3CVSS7.1AI score0.01779EPSS
Exploits0References5
OSV
OSV
added 2022/01/21 11:37 p.m.7 views

GHSA-P92Q-7FHH-MQ35 Cross-Site Request Forgery in Jenkins

Jenkins 2.329 and earlier, LTS 2.319.1 and earlier does not require POST requests for the HTTP endpoint handling manual build requests when no security realm is set, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to trigger build of job without...

4.3CVSS7.1AI score0.01779EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2022/01/12 8:15 p.m.7 views

CVE-2022-20612

A cross-site request forgery CSRF vulnerability in Jenkins 2.329 and earlier, LTS 2.319.1 and earlier allows attackers to trigger build of job without parameters when no security realm is set...

4.3CVSS6.4AI score0.01779EPSS
Exploits0References4
Rows per page
Query Builder