Description
Jenkins before 2.3 and LTS before 1.651.2 might allow remote authenticated users to inject arbitrary build parameters into the build environment via environment variables.
Remediation
References
Related Vulnerabilities
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-7724)
Next.js CVE-2021-43803 Vulnerability (CVE-2021-43803)
WordPress Plugin Digital Climate Strike WP Malicious Redirects (1.0.0)
MySQL CVE-2022-21297 Vulnerability (CVE-2022-21297)
WordPress Plugin YITH WooCommerce Advanced Reviews Security Bypass (1.3.9)