CVE-2022-34212

Publication date

2022-06-22 14:41:56

Family

jenkins

State

PUBLISHED

Description

A missing permission check in Jenkins vRealize Orchestrator Plugin 3.0 and earlier allows attackers with Overall/Read permission to send an HTTP POST request to an attacker-specified URL.