Lucene search
PRIOn knowledge basePRION:CVE-2023-41930HistorySep 06, 2023 - 1:15 p.m.
Design/Logic Flaw
2023-09-0613:15:00
PRIOn knowledge base
www.prio-n.com
6
jenkins
configuration
history
manipulation
security
Jenkins Job Configuration History Plugin 1227.v7a_79fc4dc01f and earlier does not restrict the ‘name’ query parameter when rendering a history entry, allowing attackers to have Jenkins render a manipulated configuration history that was not created by the plugin.
| CPE | Name | Operator | Version |
|---|---|---|---|
| job_configuration_history | eq | <= 1227.v7a-79fc4dc1f |
Related
cvelist
cvelist
CVE-2023-41930
2023-09-06 12:08:52
osv
osv
Path traversal in Jenkins Job Configuration History Plugin
2023-09-06 15:30:26
nvd
nvd
CVE-2023-41930
2023-09-06 13:15:09
cve
cve
CVE-2023-41930
2023-09-06 13:15:09
github
github
Path traversal in Jenkins Job Configuration History Plugin
2023-09-06 15:30:26
alpinelinux
alpinelinux
CVE-2023-41930
2023-09-06 13:15:09
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2023-09-06)
2023-09-07 00:00:00