Lucene search
PRIOn knowledge basePRION:CVE-2022-43408HistoryOct 19, 2022 - 4:15 p.m.
Cross site request forgery (csrf)
2022-10-1916:15:00
PRIOn knowledge base
www.prio-n.com
2
jenkins
pipeline
stage view plugin
csrf
bypass
vulnerability
Jenkins Pipeline: Stage View Plugin 2.26 and earlier does not correctly encode the ID of ‘input’ steps when using it to generate URLs to proceed or abort Pipeline builds, allowing attackers able to configure Pipelines to specify ‘input’ step IDs resulting in URLs that would bypass the CSRF protection of any target URL in Jenkins.
Related
veracode
veracode
Authorization Bypass
2022-10-20 15:26:59
github
github
cvelist
cvelist
CVE-2022-43408
2022-10-19 00:00:00
nvd
nvd
CVE-2022-43408
2022-10-19 16:15:10
redhatcve
redhatcve
CVE-2022-43408
2022-10-20 07:17:19
cve
cve
CVE-2022-43408
2022-10-19 16:15:10
osv
osv
nessus
nessus
RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2023:3198)
2024-04-28 00:00:00
RHEL 8 : OpenShift Container Platform 4.10.51 (RHSA-2023:0560)
2024-04-28 00:00:00
redhat
redhat