GHSA-24hp-84jp-8wgm, CVE-2022-45398
maven/org.zeroturnaround/cluster-stats
Cross-Site Request Forgery (CSRF)
A cross-site request forgery (CSRF) vulnerability in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics.
All versions up to 0.4.6
Unfortunately, there is no solution available yet.
2022-11-22
source |