CVE-2022-45398

Cross-Site Request Forgery (CSRF) in maven/org.zeroturnaround/cluster-stats

Identifiers

GHSA-24hp-84jp-8wgm, CVE-2022-45398

Package Slug

maven/org.zeroturnaround/cluster-stats

Vulnerability

Cross-Site Request Forgery (CSRF)

Description

A cross-site request forgery (CSRF) vulnerability in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics.

Affected Versions

All versions up to 0.4.6

Solution

Unfortunately, there is no solution available yet.

Last Modified

2022-11-22

source