Lucene search
J3ssieH1:579760HistoryMay 14, 2019 - 7:48 a.m.
Django: Jenkins Unauthenticated RCE on https://djangoci.com/
2019-05-1407:48:49
j3ssie
hackerone.com
30
0.973 High
EPSS
Percentile
99.9%
This report discloses an RCE issue on djangoci.com as outlined in https://www.djangoproject.com/weblog/2019/may/15/rce-djangoci/
While technically a valid issue, it is out of scope for bounty, please see https://hackerone.com/django for details on which issues qualify for bounties.
Related
canvas
canvas
Immunity Canvas: JENKINS_CHECKSCRIPT_RCE
2019-03-08 21:29:00
github
github
Sandbox Bypass in Script Security Plugin
2022-05-13 01:00:55
Sandbox bypass in Script Security Plugin
2022-05-13 01:00:55
Deserialization of Untrusted Data in Jenkins
2022-05-13 01:01:00
osv
osv
CVE-2019-1003029
2019-03-08 21:29:00
CVE-2019-1003005
2019-02-06 16:29:00
Sandbox Bypass in Script Security Plugin
2022-05-13 01:00:55
cvelist
cvelist
CVE-2019-1003029
2019-03-08 21:00:00
CVE-2018-1000861
2018-12-10 14:00:00
CVE-2019-1003005
2019-02-06 16:00:00
veracode
veracode
Sandbox Protection Bypass
2019-05-16 03:58:57
Arbitrary Code Execution
2019-05-16 03:58:57
Arbitrary Code Execution
2019-05-16 03:23:55
prion
prion
Security feature bypass
2019-02-06 16:29:00
Security feature bypass
2019-03-08 21:29:00
Remote code execution
2018-12-10 14:29:00
trendmicroblog
trendmicroblog
This Week in Security News: Unsecured Servers and Vulnerable Processors
2019-05-17 14:14:56
redhatcve
redhatcve
CVE-2018-1000861
2019-12-14 04:52:17
CVE-2019-1003029
2019-03-18 11:19:55
CVE-2019-1003005
2020-04-09 10:33:39
nuclei
nuclei
Jenkins - Remote Command Injection
2021-02-20 11:11:15
cve
cve
CVE-2019-1003005
2019-02-06 16:29:00
CVE-2019-1003029
2019-03-08 21:29:00
CVE-2018-1000861
2018-12-10 14:29:01
checkpoint_advisories
checkpoint_advisories
Jenkins Script Security Plugin Remote Code Execution (CVE-2019-1003029)
2022-05-15 00:00:00
Jenkins Stapler Web Framework Code Execution (CVE-2018-1000861)
2020-09-21 00:00:00
Jenkins Stapler Web Framework Remote Code Execution (CVE-2018-1000861)
2019-05-21 00:00:00
nvd
nvd
CVE-2019-1003005
2019-02-06 16:29:00
CVE-2019-1003029
2019-03-08 21:29:00
CVE-2018-1000861
2018-12-10 14:29:01
attackerkb
attackerkb
CVE-2019-1003029
2019-03-08 00:00:00
CVE-2018-1000861
2018-12-10 00:00:00
cisa_kev
cisa_kev
Jenkins Script Security Plugin Sandbox Bypass Vulnerability
2022-04-25 00:00:00
openvas
openvas
Jenkins < 2.121.3 / < 2.138 ACL Bypass Vulnerability
2019-06-03 00:00:00
Jenkins < 2.154 and < 2.138.4 LTS Multiple Vulnerabilities - Windows
2018-12-11 00:00:00
Jenkins < 2.154 and < 2.138.4 LTS Multiple Vulnerabilities - Linux
2018-12-11 00:00:00
talosblog
talosblog
Watchbog and the Importance of Patching
2019-09-11 09:10:37
redhat
redhat
nessus
nessus
thn
thn
Linux Botnet Adding BlueKeep-Flawed Windows RDP Servers to Its Target List
2019-07-25 09:38:00
cisa
cisa
CISA Adds 15 Known Exploited Vulnerabilities to Catalog
2022-02-10 00:00:00
kitploit
kitploit
Vulmap - Web Vulnerability Scanning And Verification Tools
2020-12-25 11:30:00
qualysblog
qualysblog
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00