Lucene search
GoogleOSV:GHSA-6CVM-V6QJ-HJQ9HistoryMay 13, 2022 - 1:48 a.m.
CSRF vulnerability and missing permission checks in GitHub Plugin allowed capturing credentials
2022-05-1301:48:38
Google
osv.dev
5
csrf
vulnerability
jenkins
github plugin
exposure
sensitive information
missing permission checks
credentials capture
A exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.1 and earlier in GitHubTokenCredentialsCreator.java that allows attackers to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
Related
prion
prion
Design/Logic Flaw
2018-06-26 17:29:00
nvd
nvd
CVE-2018-1000600
2018-06-26 17:29:00
cvelist
cvelist
CVE-2018-1000600
2018-06-26 17:00:00
cve
cve
CVE-2018-1000600
2018-06-26 17:29:00
github
github
nuclei
nuclei
Jenkins GitHub Plugin <=1.29.1 - Server-Side Request Forgery
2021-07-26 17:18:45
redhatcve
redhatcve
CVE-2018-1000600
2018-06-28 09:49:32
osv
osv
CVE-2018-1000600
2018-06-26 17:29:00