CVE-2022-20612

Summary

A cross-site request forgery (CSRF) vulnerability in Jenkins 2.329 and earlier, LTS 2.319.1 and earlier allows attackers to trigger build of job without parameters when no security realm is set.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkinsunspecified <= 2.329affected
Jenkins projectJenkinsunspecified <= LTS 2.319.1affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References