A cross-site request forgery (CSRF) vulnerability in Jenkins Build-Publisher Plugin 1.22 and earlier allows attackers to replace any config.xml file on the Jenkins controller file system with an empty file by providing a crafted file name to an API endpoint.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: jenkins
Published: 2022-09-21T15:45:52
Updated: 2024-08-03T12:35:49.618Z
Reserved: 2022-09-21T00:00:00
Link: CVE-2022-41232
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-09-21T16:15:10.330
Modified: 2023-11-01T20:31:32.403
Link: CVE-2022-41232
Redhat
No data.