CVE-2022-30946 is a vulnerability in Jenkins Script Security
Published on May 17, 2022
A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver.
Products Associated with CVE-2022-30946
Want to know whenever a new CVE is published for Jenkins Script Security? stack.watch will email you.
Affected Versions
Jenkins project Jenkins Script Security Plugin:- Version unspecified, <= 1158.v7c1b_73a_69a_08 is affected.
- Version 1.78.1 is unaffected.
- Version 1145.1148.vf6d17a_a_a_eef6 is unaffected.
Exploit Probability
EPSS
0.05%
Percentile
15.34%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.