PT-2022-15858 · Jenkins · Jenkins Batch Task Plugin+1

Tomasz Szuba · Published 2022-01-12 · Updated 2023-11-30 · CVE-2022-23115

CVSS v2.0: 5.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions

Jenkins batch task Plugin versions 1.19 and earlier

Description

The issue allows attackers with Overall/Read access to perform certain actions due to cross-site request forgery (CSRF) vulnerabilities. These actions include retrieving logs, building, or deleting a batch task.

Recommendations

For Jenkins batch task Plugin versions 1.19 and earlier, consider restricting access to the plugin to minimize the risk of exploitation until a patch is available. As a temporary workaround, limit the Overall/Read access to authorized personnel only.

Fix

CSRF

Weakness Enumeration

Related Identifiers

CVE-2022-23115
GHSA-MH8G-8JWP-Q6XW

Affected Products

Jenkins
Jenkins Batch Task Plugin