Lucene search
K

7 matches found

GithubExploit
GithubExploit
added 2024/11/14 12:2 a.m.177 views

Exploit for Origin Validation Error in Jenkins

Jenkins CLI Websocket Hijacking - PoC A proof of concept cross...

8.8CVSS8.7AI score0.66921EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.63 views

RHEL 8 : Jenkins and Jenkins-2-plugins (RHSA-2024:0778)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0778 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

9.8CVSS7.7AI score0.99999EPSS
Exploits94References80
RedhatCVE
RedhatCVE
added 2024/01/25 8:22 p.m.97 views

CVE-2024-23898

A flaw was found in Jenkins where websocket access to the CLI does not perform origin validation of requests when they are made through the websocket endpoint...

8.8CVSS6.7AI score0.66921EPSS
Exploits1References5
Circl
Circl
added 2024/01/24 7:27 p.m.8 views

CVE-2024-23898

creationtimestamp| type| source ---|---|--- 2024-01-24 19:27:03+00:00| seen| https://t.me/ctinow/173031 2024-01-26 22:27:11+00:00| seen| https://t.me/arpsyndicate/3097 2024-01-28 04:12:00+00:00| seen| https://t.me/arpsyndicate/3198 2024-01-29 12:46:44+00:00| published-proof-of-concept|...

8.8CVSS8AI score0.66921EPSS
Exploits1References7
AlpineLinux
AlpineLinux
added 2024/01/24 6:15 p.m.45 views

CVE-2024-23898

Jenkins 2.217 through 2.441 both inclusive, LTS 2.222.1 through 2.426.2 both inclusive does not perform origin validation of requests made through the CLI WebSocket endpoint, resulting in a cross-site WebSocket hijacking CSWSH vulnerability, allowing attackers to execute CLI commands on the Jenki...

7.5AI score0.66921EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2024/01/24 5:52 p.m.5 views

CVE-2024-23898

Jenkins 2.217 through 2.441 both inclusive, LTS 2.222.1 through 2.426.2 both inclusive does not perform origin validation of requests made through the CLI WebSocket endpoint, resulting in a cross-site WebSocket hijacking CSWSH vulnerability, allowing attackers to execute CLI commands on the Jenki...

9.2AI score0.66921EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/01/24 5:52 p.m.42 views

CVE-2024-23898

Jenkins 2.217 through 2.441 both inclusive, LTS 2.222.1 through 2.426.2 both inclusive does not perform origin validation of requests made through the CLI WebSocket endpoint, resulting in a cross-site WebSocket hijacking CSWSH vulnerability, allowing attackers to execute CLI commands on the Jenki...

8.9AI score0.66921EPSS
Exploits1References3
Rows per page
Query Builder