org.jenkins-ci.plugins/JiraTestResultReporter

Vulnerabilities (2)

• CVE-2022-28137Mar 29, 2022
  affected < 166.v0cc6208295b5fixed 166.v0cc6208295b5

  A missing permission check in Jenkins JiraTestResultReporter Plugin 165.v817928553942 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials.

• CVE-2022-28136Mar 29, 2022
  affected < 166.v0cc6208295b5fixed 166.v0cc6208295b5

  A cross-site request forgery (CSRF) vulnerability in Jenkins JiraTestResultReporter Plugin 165.v817928553942 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials.