CVE-2022-45389

Missing Authorization in maven/com.cloudbees.jenkins.plugins/xpdev

Identifiers

GHSA-x9wp-gfrr-p5rp, CVE-2022-45389

Package Slug

maven/com.cloudbees.jenkins.plugins/xpdev

Vulnerability

Missing Authorization

Description

A missing permission check in Jenkins XP-Dev Plugin 1.0 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to an attacker-specified repository.

Affected Versions

All versions up to 1.0

Solution

Unfortunately, there is no solution available yet.

Last Modified

2022-11-22

source