Description
A cross-site request forgery (CSRF) vulnerability in Jenkins ThreadFix Plugin 1.5.4 and earlier allows attackers to connect to an attacker-specified URL.
Remediation
References
https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2249
Related Vulnerabilities
CVE-2021-22132 Vulnerability in maven package org.elasticsearch:elasticsearch
CVE-2023-50728 Vulnerability in npm package @octokit/webhooks
CVE-2023-45807 Vulnerability in maven package org.opensearch.plugin:opensearch-security
CVE-2019-1003045 Vulnerability in maven package de.eacg:ecs-publisher
CVE-2012-3536 Vulnerability in maven package org.apache.james.hupa:hupa-server