Lucene search
GoogleOSV:GHSA-VF2C-W49G-3XF3HistoryMay 24, 2022 - 4:52 p.m.
Missing permission check in Jenkins XL TestView Plugin
2022-05-2416:52:46
Google
osv.dev
3
A missing permission check in Jenkins XL TestView Plugin 1.2.0 and earlier in XLTestView.XLTestDescriptor#doTestConnection allows users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
Related
cve
cve
CVE-2019-10387
2019-08-07 15:15:13
cvelist
cvelist
CVE-2019-10387
2019-08-07 14:20:25
github
github
Missing permission check in Jenkins XL TestView Plugin
2022-05-24 16:52:46
prion
prion
Design/Logic Flaw
2019-08-07 15:15:00
osv
osv
CVE-2019-10387
2019-08-07 15:15:13
nvd
nvd
CVE-2019-10387
2019-08-07 15:15:13