Jenkins - Storage Configs CVE - CVE Search - CVE Details

Filtered by vendor Jenkins Subscribe

Filtered by product Storage Configs

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-30972	1 Jenkins	1 Storage Configs	2022-05-25	6.8 MEDIUM	8.8 HIGH
A cross-site request forgery (CSRF) vulnerability in Jenkins Storable Configs Plugin 1.0 and earlier allows attackers to have Jenkins parse a local XML file (e.g., archived artifacts) that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery.

Vulnerabilities (CVE)