1393 matches found
CVE-2023-3414 Cross-Site Request Forgery (CSRF) in Jenkins Plug-in for ServiceNow DevOps
A cross-site request forgery vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for...
CVE-2023-3414
CVE-2023-3414 is a Cross-Site Request Forgery vulnerability in the Jenkins Plug-in for ServiceNow DevOps prior to version 1.38.1. Exploitation could lead to exposure of sensitive information via CSRF on form validation without requiring POST? or with improper permission checks. Remediation: upgra...
CVE-2023-3414 Cross-Site Request Forgery (CSRF) in Jenkins Plug-in for ServiceNow DevOps
A cross-site request forgery vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for...
Jenkins Plugin ServiceNow DevOps 跨站请求伪造漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. Jenkins Plugin ServiceNow...
Jenkins Plugin ServiceNow DevOps 安全漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. Jenkins Plugin ServiceNow...
PT-2023-24866 · Jenkins · Jenkins Plug-In For Servicenow Devops +1
Name of the Vulnerable Software and Affected Versions: Jenkins Plug-in for ServiceNow DevOps versions prior to 1.38.1 Description: A missing authorization issue exists that could lead to the unwanted exposure of sensitive information if exploited successfully. Recommendations: For versions prior ...
PT-2023-24694 · Jenkins · Jenkins Plug-In For Servicenow Devops +1
Name of the Vulnerable Software and Affected Versions: Jenkins Plug-in for ServiceNow DevOps versions prior to 1.38.1 Description: A cross-site request forgery issue exists that could cause the unwanted exposure of sensitive information if exploited successfully. Recommendations: For versions pri...
AI Coding Companions: Comparing AWS, GitHub, & Google
Top cloud vendors and software companies are rolling out AI coding companions that use generative AI to speed up and streamline DevOps. In this blog, we take a look at what some of these new tools have in common, where they differ, and what they mean for cybersecurity...
Azure DevOps Server 2022 XSS
The Microsoft Team Foundation Server or Azure DevOps install is missing security updates. It is, therefore, affected by a cross-site scripting vulnerability. An attacker who successfully exploited the vulnerability could access data that is available for the current user. Depending on the user's...
The vulnerability of the Azure DevOps Server software, related to errors in information presentation on the user interface, allows attackers to perform spear-phishing attacks.
The vulnerability of the Azure DevOps Server software relates to errors in information presentation by the user interface. Exploiting this vulnerability could allow a malicious actor to perform spear-phishing attacks remotely...
The vulnerability of the Azure DevOps Server software, related to errors in information presentation on the user interface, allows attackers to perform spear-phishing attacks.
The vulnerability of the Azure DevOps Server software relates to errors in information presentation by the user interface. Exploiting this vulnerability could allow a malicious actor to perform spear-phishing attacks remotely...
Security Updates for Microsoft Team Foundation Server and Azure DevOps Server (June 2023)
The Microsoft Team Foundation Server or Azure DevOps install is missing security updates. It is, therefore, affected by multiple server spoofing vulnerabilities. An attacker who successfully exploited the vulnerability could access data that is available for the current user. Depending on the...
CVE-2023-21569
Azure DevOps Server Spoofing Vulnerability...
CVE-2023-21569
Azure DevOps Server Spoofing Vulnerability...
CVE-2023-21565
Azure DevOps Server Spoofing Vulnerability...
CVE-2023-21565
Azure DevOps Server Spoofing Vulnerability...
CVE-2023-21569
Azure DevOps Server Spoofing Vulnerability...
CVE-2023-21565
Azure DevOps Server Spoofing Vulnerability...
Spoofing
Azure DevOps Server Spoofing Vulnerability...
Spoofing
Azure DevOps Server Spoofing Vulnerability...