Lucene search
+L

155 matches found

Openbugbounty
Openbugbounty
added 2023/06/06 9:28 a.m.14 views

gerrit-thomas-rietveld.de Cross Site Scripting vulnerability OBB-3396211

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
vulnersOsv
vulnersOsv
added 2023/01/26 9:30 p.m.4 views

org.jenkins-ci.plugins:gerrit-verify-status-reporter (>=0.0.2 <=0.0.3), org.jenkins-ci.plugins:msginject (>=0.1.0 <=0.1.1) +1 more potentially affected by CVE-2023-24423 via com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger (>=2.14.0 <=2.35.0)

com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger MAVEN version =2.14.0, =0.0.2, =0.1.0, =1.0, =428.v5c962d271ba5 Source cves: CVE-2023-24423 Source advisory: OSV:GHSA-95JQ-24CR-PGRQ...

6.5CVSS6.5AI score0.00487EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2023/01/26 9:30 p.m.43 views

Cross-site request forgery in Jenkins Gerrit Trigger Plugin

A cross-site request forgery CSRF vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit...

6.5CVSS7AI score0.00487EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/01/26 9:30 p.m.27 views

GHSA-95JQ-24CR-PGRQ Cross-site request forgery in Jenkins Gerrit Trigger Plugin

A cross-site request forgery CSRF vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit...

6.5CVSS6.6AI score0.00487EPSS
Exploits0References3
NVD
NVD
added 2023/01/26 9:18 p.m.61 views

CVE-2023-24423

A cross-site request forgery CSRF vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit...

6.5CVSS6.4AI score0.00487EPSS
Exploits0References1
OSV
OSV
added 2023/01/26 9:18 p.m.32 views

CVE-2023-24423

A cross-site request forgery CSRF vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit...

6.5CVSS6.5AI score
Exploits0References1
Prion
Prion
added 2023/01/26 9:18 p.m.22 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit...

4.3CVSS6.4AI score0.00487EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/01/26 12:0 a.m.25 views

Jenkins Plugin Gerrit Trigger 跨站请求伪造漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

6.5CVSS6.4AI score0.00487EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/01/24 12:0 a.m.6 views

CVE-2023-24423

A cross-site request forgery CSRF vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit...

7AI score0.00487EPSS
Exploits0References1
CVE
CVE
added 2023/01/24 12:0 a.m.90 views

CVE-2023-24423

The CVE-2023-24423 vulnerability affects Jenkins Gerrit Trigger Plugin

6.5CVSS6.3AI score0.00487EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/01/24 12:0 a.m.56 views

CVE-2023-24423

A cross-site request forgery CSRF vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit...

6.6AI score0.00487EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/24 12:0 a.m.3 views

PT-2023-19583 · Jenkins · Jenkins Gerrit Trigger Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Gerrit Trigger Plugin versions 2.38.0 and earlier Description: A cross-site request forgery CSRF issue allows attackers to rebuild previous builds triggered by Gerrit. This can be exploited to manipulate build processes...

6.5CVSS6.3AI score0.00487EPSS
Exploits0References6
OSV
OSV
added 2022/12/12 9:30 a.m.38 views

GHSA-M82G-FV7V-H64M Jenkins Sonar Gerrit Plugin vulnerable to Cross-Site Request Forgery

A cross-site request forgery CSRF vulnerability in Jenkins Sonar Gerrit Plugin 377.v8f3808963dc5 and earlier allows attackers to have Jenkins connect to Gerrit servers previously configured by Jenkins administrators using attacker-specified credentials IDs obtained through another method,...

5.4CVSS6.6AI score0.00429EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/12/12 9:30 a.m.25 views

Jenkins Sonar Gerrit Plugin vulnerable to Cross-Site Request Forgery

A cross-site request forgery CSRF vulnerability in Jenkins Sonar Gerrit Plugin 377.v8f3808963dc5 and earlier allows attackers to have Jenkins connect to Gerrit servers previously configured by Jenkins administrators using attacker-specified credentials IDs obtained through another method,...

6.5CVSS6.2AI score0.00429EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2022/12/12 9:15 a.m.29 views

CVE-2022-46688

A cross-site request forgery CSRF vulnerability in Jenkins Sonar Gerrit Plugin 377.v8f3808963dc5 and earlier allows attackers to have Jenkins connect to Gerrit servers previously configured by Jenkins administrators using attacker-specified credentials IDs obtained through another method,...

6.5CVSS0.00429EPSS
Exploits0References1
OSV
OSV
added 2022/12/12 9:15 a.m.24 views

CVE-2022-46688

A cross-site request forgery CSRF vulnerability in Jenkins Sonar Gerrit Plugin 377.v8f3808963dc5 and earlier allows attackers to have Jenkins connect to Gerrit servers previously configured by Jenkins administrators using attacker-specified credentials IDs obtained through another method,...

6.5CVSS6.5AI score
Exploits0References1
Prion
Prion
added 2022/12/12 9:15 a.m.20 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins Sonar Gerrit Plugin 377.v8f3808963dc5 and earlier allows attackers to have Jenkins connect to Gerrit servers previously configured by Jenkins administrators using attacker-specified credentials IDs obtained through another method,...

4.3CVSS6.4AI score0.00429EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/12/07 12:0 a.m.97 views

CVE-2022-46688

The CVE-2022-46688 entry describes a CSRF vulnerability in Jenkins Sonar Gerrit Plugin 377.v8f3808963dc5 and earlier. The issue allows an attacker to cause Jenkins to connect to Gerrit servers (configured by admins) using attacker-supplied credentials IDs obtained via another method, potentially ...

6.5CVSS6.6AI score0.00429EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/12/07 12:0 a.m.35 views

CVE-2022-46688

A cross-site request forgery CSRF vulnerability in Jenkins Sonar Gerrit Plugin 377.v8f3808963dc5 and earlier allows attackers to have Jenkins connect to Gerrit servers previously configured by Jenkins administrators using attacker-specified credentials IDs obtained through another method,...

7AI score0.00429EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/12/07 12:0 a.m.6 views

CVE-2022-46688

A cross-site request forgery CSRF vulnerability in Jenkins Sonar Gerrit Plugin 377.v8f3808963dc5 and earlier allows attackers to have Jenkins connect to Gerrit servers previously configured by Jenkins administrators using attacker-specified credentials IDs obtained through another method,...

6.5AI score0.00429EPSS
Exploits0References1
Rows per page
Query Builder