cbcvebase.
CVE-2022-27204
published 2022-03-15

CVE-2022-27204: A cross-site request forgery vulnerability in Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier allows attackers to connect to an…

high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
A cross-site request forgery vulnerability in Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier allows attackers to connect to an attacker-specified URL.

Affected

14 ranges
VendorProductVersion rangeFixed in
jenkinsaws_credentials_plugin
jenkinsdashboard_view_plugin
jenkinsenvironment_dashboard_plugin
jenkinsextended_choice_parameter<= 346.vd87693c5a_86c
jenkinsextended_choice_parameter_plugin
jenkinsfavorite_plugin
jenkinsfolder-based_authorization_strategy_plugin
jenkinsgitlab_authentication_plugin
jenkinslist_git_branches_parameter_plugin
jenkinsparameterized_trigger_plugin
jenkinsrelease_helper_plugin
jenkinssemantic_versioning_plugin
jenkinsvmware_vrealize_codestream_plugin
jenkins_projectjenkins_extended_choice_parameter_pluginunspecified – 346.vd87693c5a_86c