CVE-2022-29050

Cross-Site Request Forgery (CSRF) in maven/org.jenkins-ci.plugins/publish-over-ftp

Identifiers

GHSA-6w39-qhmq-g8cp, CVE-2022-29050

Package Slug

maven/org.jenkins-ci.plugins/publish-over-ftp

Vulnerability

Cross-Site Request Forgery (CSRF)

Description

A cross-site request forgery (CSRF) vulnerability in Jenkins Publish Over FTP Plugin 1.16 and earlier allows attackers to connect to an FTP server using attacker-specified credentials.

Affected Versions

All versions before 1.17

Solution

Upgrade to version 1.17 or above.

Last Modified

2022-05-05

source