CVE-2022-20613
12.01.2022, 20:15
A cross-site request forgery (CSRF) vulnerability in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and earlier allows attackers to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname.
| Vendor | Product | Version |
|---|---|---|
| jenkins | mailer | 𝑥 < 1.34.2 |
| jenkins | mailer | 391.ve4a_38c1b_cf4b_:ve4a_38c1b_cf4b_ |
| oracle | communications_cloud_native_core_automated_test_suite | 1.9.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References