Lucene search
GoogleOSV:GHSA-H5CX-W235-58HMHistoryMay 24, 2022 - 4:58 p.m.
Jenkins iceScrum Plugin vulnerable to Missing Authorization
2022-05-2416:58:49
Google
osv.dev
9
jenkins
icescrum plugin
vulnerability
authorization
permission
attacker
url
credentials
patch
software
EPSS
0.001
Percentile
22.0%
A missing permission check in Jenkins iceScrum Plugin prior to version 1.1.6 allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials. This issue is patched in version 1.1.6
Related
cve
cve
CVE-2019-10442
2019-10-16 14:15:12
nvd
nvd
CVE-2019-10442
2019-10-16 14:15:12
cvelist
cvelist
CVE-2019-10442
2019-10-16 13:00:47
prion
prion
Design/Logic Flaw
2019-10-16 14:15:00
osv
osv
CVE-2019-10442
2019-10-16 14:15:12
github
github
Jenkins iceScrum Plugin vulnerable to Missing Authorization
2022-05-24 16:58:49