CVE-2022-20612

Cross-Site Request Forgery (CSRF) in maven/org.jenkins-ci.main/jenkins-core

Identifiers

CVE-2022-20612

Package Slug

maven/org.jenkins-ci.main/jenkins-core

Vulnerability

Cross-Site Request Forgery (CSRF)

Description

A cross-site request forgery (CSRF) vulnerability in Jenkins allows attackers to trigger build of job without parameters when no security realm is set.

Affected Versions

All versions after 2.319.1 up to 2.329

Solution

Upgrade to version 2.330 or above.

Last Modified

2022-01-19

source