Arbitrary Code Execution Vulnerability in Jenkins Autocomplete Parameter Plugin
CVE-2022-30969 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
A cross-site request forgery (CSRF) vulnerability in Jenkins Autocomplete Parameter Plugin 1.1 and earlier allows attackers to execute arbitrary code without sandbox protection if the victim is an administrator.
Learn more about our Web Application Penetration Testing UK.