CVE-2022-28138

Summary

A cross-site request forgery (CSRF) vulnerability in Jenkins RocketChat Notifier Plugin 1.4.10 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credential.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins RocketChat Notifier Pluginunspecified <= 1.4.10affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References