CVE-2022-34205
Published on: Not Yet Published
Last Modified on: 06/23/2022 05:19:00 PM UTC
Certain versions of Jenkins Jianliao Notification Plugin from Jenkins Project contain the following vulnerability:
A cross-site request forgery (CSRF) vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL.
- CVE-2022-34205 has been assigned by
[email protected] to track the vulnerability - Affected Vendor/Software: Jenkins project - Jenkins Jianliao Notification Plugin version <= 1.1
- Affected Vendor/Software: Jenkins project - Jenkins Jianliao Notification Plugin version ?> 1.1
CVE References
| Description | Tags ⓘ | Link |
|---|---|---|
| Jenkins Security Advisory 2022-06-22 | www.jenkins.io text/html |
CONFIRM www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2240 |
There are currently no QIDs associated with this CVE
Known Affected Software
| Vendor | Product | Version |
|---|---|---|
| Jenkins Project | Jenkins_Jianliao_Notification_Plugin | <= 1.1 |
| Jenkins Project | Jenkins_Jianliao_Notification_Plugin | ?> 1.1 |
No vendor comments have been submitted for this CVE
Social Mentions
| Source | Title | Posted (UTC) |
|---|---|---|
 @CVEreport |
CVE-2022-34205 : A cross-site request forgery CSRF vulnerability in Jenkins Jianliao Notification Plugin 1.1 and… twitter.com/i/web/status/1… | 2022-06-22 14:57:15 |
| @LinInfoSec |
Jenkins - CVE-2022-34205: jenkins.io/security/advis… | 2022-06-23 19:00:14 |
| @CyberWire_ |
*VULNERABILITY* CVE-2022-34205 CW.cyberwire.info/SSkntj #cybersecurity #vulnerability #cyberwire | 2022-06-23 23:06:38 |
 /r/netcve |
CVE-2022-34205 | 2022-06-22 15:38:26 |