Vulnerabilities > Jenkins > Jiratestresultreporter > 2.0.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-29 | CVE-2022-28136 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Jiratestresultreporter A cross-site request forgery (CSRF) vulnerability in Jenkins JiraTestResultReporter Plugin 165.v817928553942 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials. | 8.8 |
| 2022-03-29 | CVE-2022-28137 | Missing Authorization vulnerability in Jenkins Jiratestresultreporter A missing permission check in Jenkins JiraTestResultReporter Plugin 165.v817928553942 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials. | 4.3 |