Lucene search
K

7 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/24 1:20 p.m.5 views

CVE-2026-57305

A cross-site request forgery CSRF vulnerability in Jenkins Assembla Plugin 1.4 and earlier allows attackers to connect to an attacker-specified URL using an attacker-specified username and password...

5.4CVSS5.8AI score0.00128EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 1:20 p.m.5 views

CVE-2026-57295

A cross-site request forgery CSRF vulnerability in Jenkins EC2 Fleet Plugin 4.2.3.539.v8fedff2a81c3 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing AWS credentials stored in Jenkins...

5.4CVSS5.8AI score0.00128EPSS
Exploits0References2
Veracode
Veracode
added 2025/12/13 5:0 a.m.6 views

Cross-site Request Forgery (CSRF)

org.jenkins-ci.plugins, publish-to-bitbucket is vulnerable to cross-site request forgery CSRF. The vulnerability is due to missing CSRF protection in the plugin configuration endpoints, which allows an attacker to force a victim to connect Jenkins to an attacker-controlled URL using...

5.4CVSS6.8AI score0.00188EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/29 1:29 p.m.3 views

CVE-2025-64141

A cross-site request forgery CSRF vulnerability in Jenkins Nexus Task Runner Plugin 0.9.2 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials...

6.4AI score0.0019EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/07/27 12:0 a.m.3 views

PT-2022-4025 · Jenkins · Jenkins Openshift Deployer Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins OpenShift Deployer Plugin versions 1.2.0 and earlier Description: The issue is related to a missing permission check in the plugin, which can be exploited by attackers with Overall/Read permission to connect to an attacker-specified U...

6.8CVSS6.2AI score0.00645EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2022/03/29 1:15 p.m.2 views

CVE-2022-28136

A cross-site request forgery CSRF vulnerability in Jenkins JiraTestResultReporter Plugin 165.v817928553942 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials...

8.8CVSS5.8AI score0.00689EPSS
Exploits0References3
OSV
OSV
added 2022/02/15 5:15 p.m.2 views

CVE-2022-25194

A cross-site request forgery CSRF vulnerability in Jenkins autonomiq Plugin 1.15 and earlier allows attackers to connect to an attacker-specified URL server using attacker-specified credentials...

8.8CVSS5.7AI score
Exploits0References1
Rows per page
Query Builder