CVE-2023-30522 Information

Description

A missing permission check in Jenkins Fogbugz Plugin 2.2.17 and earlier allows attackers with Item/Read permission to trigger builds of jobs specified in a ‘jobname’ request parameter.

Reference

https://www.jenkins.io/security/advisory/2023-04-12/#SECURITY-2873