| |
Vulnerability CVE-2022-41249
Published: 2022-09-21
| Description: |
A cross-site request forgery (CSRF) vulnerability in Jenkins SCM HttpClient Plugin 1.5 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. |
Type:
CWE-352 (Cross-Site Request Forgery (CSRF))
References: |
https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2708
|
|
|
Copyright 2026, cxsecurity.com
|
|
|
