CVE-2022-29048

CVSS v3.1 4.3 (Medium)

CVSS v2.0 4.3 (Medium)

EPSS 0.12 % (47^th)

Affected Products 2

Advisories 2

A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Plugin 2.15.3 and earlier allows attackers to connect to an attacker-specified URL.

Weaknesses

CWE-352: Cross-Site Request Forgery (CSRF)

CVE Status: PUBLISHED
CNA: Jenkins Project
Published Date: 2022-04-12 20:15:09
(2 years ago)
Updated Date: 2023-12-21 01:45:54
(9 months ago)

Affected Products

Apple

Macos

Jenkins

Subversion

Configuration #1

		CPE23	From	Up To
	Jenkins Subversion for Jenkins 2.15.3 and prior versions	cpe:2.3:a:jenkins:subversion::::::jenkins		<= 2.15.3

Configuration #2

		CPE23	From	Up To
	Apple Macos from 12.0 version and prior 12.5 version	cpe:2.3:o:apple:macos	>= 12.0	< 12.5