CVEs (2)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Jenkins 1Vrealize Orchestrator Jun 17, 2026 Jun 23, 2022 N/A· v4 5.7 MEDIUM· v3 3.5 LOW· v2 A missing permission check in Jenkins vRealize Orchestrator Plugin 3.0 and earlier allows attackers with Overall/Read permission to send an HTTP POST request to an attacker-specified URL. |
1Jenkins 1Vrealize Orchestrator Jun 17, 2026 Jun 23, 2022 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 A cross-site request forgery (CSRF) vulnerability in Jenkins vRealize Orchestrator Plugin 3.0 and earlier allows attackers to send an HTTP POST request to an attacker-specified URL. |