CVE-2022-20612
maven/org.jenkins-ci.main/jenkins-core
Cross-Site Request Forgery (CSRF)
A cross-site request forgery (CSRF) vulnerability in Jenkins allows attackers to trigger build of job without parameters when no security realm is set.
All versions after 2.319.1 up to 2.329
Unfortunately, there is no solution available yet.
2022-01-19
source |