AI Score
Confidence
Low
EPSS
Percentile
97.4%
An issue was discovered in ThoughtWorks GoCD before 21.3.0. The business continuity add-on, which is enabled by default, leaks all secrets known to the GoCD server to unauthenticated attackers.
blog.sonarsource.com/gocd-pre-auth-pipeline-takeover
github.com/gocd/gocd/commit/41abc210ac4e8cfa184483c9ff1c0cc04fb3511c
www.gocd.org/releases/#21-3-0