7 matches found
jenkins: no POST request is required for the endpoint handling manual build requests which could result in CSRF
A Cross-site request forgery CSRF vulnerability was found in Jenkins. The POST requests are not required for the HTTP endpoint handling manual build requests when no security realm is set. This flaw allows an attacker to trigger the building of a job without parameters...
jenkins: no POST request is required for the endpoint handling manual build requests which could result in CSRF
A Cross-site request forgery CSRF vulnerability was found in Jenkins. The POST requests are not required for the HTTP endpoint handling manual build requests when no security realm is set. This flaw allows an attacker to trigger the building of a job without parameters...
jenkins: no POST request is required for the endpoint handling manual build requests which could result in CSRF
A Cross-site request forgery CSRF vulnerability was found in Jenkins. The POST requests are not required for the HTTP endpoint handling manual build requests when no security realm is set. This flaw allows an attacker to trigger the building of a job without parameters...
jenkins: no POST request is required for the endpoint handling manual build requests which could result in CSRF
A Cross-site request forgery CSRF vulnerability was found in Jenkins. The POST requests are not required for the HTTP endpoint handling manual build requests when no security realm is set. This flaw allows an attacker to trigger the building of a job without parameters...
jenkins: no POST request is required for the endpoint handling manual build requests which could result in CSRF
A Cross-site request forgery CSRF vulnerability was found in Jenkins. The POST requests are not required for the HTTP endpoint handling manual build requests when no security realm is set. This flaw allows an attacker to trigger the building of a job without parameters...
GHSA-P92Q-7FHH-MQ35 Cross-Site Request Forgery in Jenkins
Jenkins 2.329 and earlier, LTS 2.319.1 and earlier does not require POST requests for the HTTP endpoint handling manual build requests when no security realm is set, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to trigger build of job without...
CVE-2022-20612
A cross-site request forgery CSRF vulnerability in Jenkins 2.329 and earlier, LTS 2.319.1 and earlier allows attackers to trigger build of job without parameters when no security realm is set...