CVE-2022-34206

Summary

A missing permission check in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers with Overall/Read permission to send HTTP POST requests to an attacker-specified URL.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Jianliao Notification Pluginunspecified <= 1.1affected
Jenkins projectJenkins Jianliao Notification Pluginnext of 1.1 < unspecifiedunknown

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References