CVE-2022-41228

Description

A missing permission check in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and earlier allows attackers with Overall/Read permissions to connect to an attacker-specified webserver using attacker-specified credentials.

References

https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2737

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3