GHSA-x9wp-gfrr-p5rp, CVE-2022-45389
maven/com.cloudbees.jenkins.plugins/xpdev
Missing Authorization
A missing permission check in Jenkins XP-Dev Plugin 1.0 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to an attacker-specified repository.
All versions up to 1.0
Unfortunately, there is no solution available yet.
2022-11-22
source |