Lucene search
Veracode Vulnerability DatabaseVERACODE:40722HistoryMay 30, 2023 - 7:10 a.m.
Cross-Site Request Forgery (CSRF)
2023-05-3007:10:39
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
1
codedx
vulnerability
cross-site request forgery
csrf
permission checks
http endpoints
attacker
read permission
url
software
0.0004 Low
EPSS
Percentile
13.1%
Codedx is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability exists due to not performing several permission checks at http endpoints which allows an attacker with read permission to connect to a specific URL.
| CPE | Name | Operator | Version |
|---|---|---|---|
| code dx plugin | le | 3.1.0 | |
| code dx plugin | le | 3.1.0 |
Related
github
github
Jenkins Code Dx Plugin cross-site request forgery vulnerability
2023-05-16 21:30:22
cvelist
cvelist
CVE-2023-2195 CSRF vulnerability and missing permission checks in Code Dx Plugin
2023-05-16 18:02:33
cve
cve
CVE-2023-2195
2023-05-16 19:15:08
osv
osv
Jenkins Code Dx Plugin cross-site request forgery vulnerability
2023-05-16 21:30:22
prion
prion
Cross site request forgery (csrf)
2023-05-16 19:15:00
nvd
nvd
CVE-2023-2195
2023-05-16 19:15:08
alpinelinux
alpinelinux
CVE-2023-2195
2023-05-16 19:15:08
