CVE-2022-46688 in Sonar Gerrit Plugin
الملخص
بحسب MITRE • 12/12/2022
A cross-site request forgery (CSRF) vulnerability in Jenkins Sonar Gerrit Plugin 377.v8f3808963dc5 and earlier allows attackers to have Jenkins connect to Gerrit servers (previously configured by Jenkins administrators) using attacker-specified credentials IDs obtained through another method, potentially capturing credentials stored in Jenkins.
If you want to get best quality of vulnerability data, you may have to visit VulDB.