CVE-2022-34203
published 2022-06-23CVE-2022-34203: A cross-site request forgery (CSRF) vulnerability in Jenkins EasyQA Plugin 1.0 and earlier allows attackers to connect to an attacker-specified HTTP server.
high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
A cross-site request forgery (CSRF) vulnerability in Jenkins EasyQA Plugin 1.0 and earlier allows attackers to connect to an attacker-specified HTTP server.
Affected
32 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | agent_server_parameter_plugin | — | — |
| jenkins | beaker_builder_plugin | — | — |
| jenkins | convertigo_mobile_platform_plugin | — | — |
| jenkins | crx_content_package_deployer_plugin | — | — |
| jenkins | date_parameter_plugin | — | — |
| jenkins | dynamic_extended_choice_parameter_plugin | — | — |
| jenkins | easyqa | <= 1.0 | — |
| jenkins | easyqa_plugin | — | — |
| jenkins | embeddable_build_status_plugin | — | — |
| jenkins | filesystem_list_parameter_plugin | — | — |
| jenkins | hidden_parameter_plugin | — | — |
| jenkins | image_tag_parameter_plugin | — | — |
| jenkins | improper_authorization_in_embeddable_build_status_plugin | — | — |
| jenkins | input_step_plugin | — | — |
| jenkins | jenkins_ci_server_plugin | — | — |
| jenkins | jenkins_core | — | — |
| jenkins | jenkins_lts | — | — |
| jenkins | jenkins_weekly | — | — |
| jenkins | jianliao_notification_plugin | — | — |
| jenkins | junit_plugin | — | — |
| jenkins | maven_metadata_plugin | — | — |
| jenkins | nested_view_plugin | — | — |
| jenkins | ns-nd_integration_performance_publisher_plugin | — | — |
| jenkins | orchestrator_plugin | — | — |
| jenkins | package_version_plugin | — | — |