CVE-2022-25205 is a vulnerability in Jenkins Dbcharts
Published on February 15, 2022
A cross-site request forgery (CSRF) vulnerability in Jenkins dbCharts Plugin 0.5.2 and earlier allows attackers to connect to an attacker-specified database via JDBC using attacker-specified credentials and to determine if a class is available in the Jenkins instance.
Products Associated with CVE-2022-25205
Want to know whenever a new CVE is published for Jenkins Dbcharts? stack.watch will email you.
Affected Versions
Jenkins project Jenkins dbCharts Plugin:- Version unspecified, <= 0.5.2 is affected.
- Version next of 0.5.2 and below unspecified is unknown.
Exploit Probability
EPSS
0.06%
Percentile
16.88%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.