CVE-2022-34205

Name of the Vulnerable Software and Affected Versions Jenkins Jianliao Notification Plugin versions 1.1 and earlier

Description A cross-site request forgery (CSRF) issue allows attackers to send HTTP POST requests to an attacker-specified URL. This can be exploited by attackers to perform unauthorized actions.

Recommendations For Jenkins Jianliao Notification Plugin versions 1.1 and earlier, consider disabling the plugin until a patch is available to prevent potential exploitation. As a temporary workaround, restrict access to the plugin's functionality to minimize the risk of unauthorized actions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.