CVE-2022-25207

A cross-site request forgery (CSRF) vulnerability in Jenkins Chef Sinatra Plugin 1.20 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-controlled URL and have it parse an XML response.
Configurations

Configuration 1

cpe:2.3:a:jenkins:chef_sinatra:*:*:*:*:*:jenkins:*:*

Information

Published : 2022-02-15 05:15

Updated : 2022-02-23 08:14


NVD link : CVE-2022-25207

Mitre link : CVE-2022-25207

Products Affected
No products.
CWE