Lucene search
K

65 matches found

CVE
CVE
added 2019/10/16 1:0 p.m.70 views

CVE-2019-10441

CVE-2019-10441 describes a CSRF in the Jenkins iceScrum Plugin (versions up to 1.1.5) that allowed an attacker to connect to an attacker‑specified URL using attacker‑specified credentials. The issue affects Jenkins iceScrum Plugin ≤ 1.1.5 and is mitigated by upgrading to version 1.1.6, per multip...

4.3CVSS4.5AI score0.00665EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/10/16 1:0 p.m.25 views

CVE-2019-10441

A cross-site request forgery vulnerability in Jenkins iceScrum Plugin 1.1.5 and earlier allowed attackers to connect to an attacker-specified URL using attacker-specified credentials...

4.5AI score0.00665EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/10/16 12:0 a.m.5 views

PT-2019-11835 · Jenkins · Jenkins Icescrum Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins iceScrum Plugin versions 1.1.5 and earlier Description: A cross-site request forgery issue allows attackers to connect to an attacker-specified URL using attacker-specified credentials. Recommendations: For Jenkins iceScrum Plugin...

4.3CVSS4.4AI score0.00665EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2019/10/16 12:0 a.m.5 views

PT-2019-11836 · Jenkins · Jenkins Icescrum Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins iceScrum Plugin versions 1.1.5 and earlier Description: A missing permission check in the Jenkins iceScrum Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified...

4.3CVSS4.4AI score0.00656EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2019/10/16 12:0 a.m.5 views

PT-2019-11837 · Jenkins · Jenkins Icescrum Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins iceScrum Plugin version 1.1.4 and earlier Description: The issue allows stored credentials to be stored unencrypted in job config.xml files on the Jenkins master. These credentials could be viewed by users with Extended Read permissio...

8.8CVSS8.4AI score0.01634EPSS
Exploits0References7
Rows per page
Query Builder