CVE-2022-25207 is a vulnerability in Jenkins Chef Sinatra
Published on February 15, 2022

A cross-site request forgery (CSRF) vulnerability in Jenkins Chef Sinatra Plugin 1.20 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-controlled URL and have it parse an XML response.

NVD

Products Associated with CVE-2022-25207

Want to know whenever a new CVE is published for Jenkins Chef Sinatra? stack.watch will email you.

Jenkins Chef Sinatra

Affected Versions

Jenkins project Jenkins Chef Sinatra Plugin:

Version unspecified, <= 1.20 is affected.
Version next of 1.20 and below unspecified is unknown.

Exploit Probability

EPSS

0.07%

Percentile

22.33%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2022-25207 is a vulnerability in Jenkins Chef SinatraPublished on February 15, 2022

Products Associated with CVE-2022-25207

Affected Versions

Exploit Probability

CVE-2022-25207 is a vulnerability in Jenkins Chef Sinatra
Published on February 15, 2022