50 matches found
EUVD-2023-1308
Malicious code in bioql PyPI...
EUVD-2022-3919
Malicious code in bioql PyPI...
EUVD-2022-6375
Malicious code in bioql PyPI...
CVE-2023-30529
Jenkins Lucene-Search Plugin 387.v938aecbf7fe9 and earlier does not require POST requests for an HTTP endpoint, allowing attackers to reindex the database...
CVE-2022-36910
Jenkins Lucene-Search Plugin 370.v62a5f618cd3a and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to reindex the database and to obtain information about jobs otherwise inaccessible to them...
GHSA-GH5W-GFFH-68PR Jenkins Lucene-Search Plugin vulnerable to Cross-Site Request Forgery
Jenkins Lucene-Search Plugin 387.v938aecbf7fe9 and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to reindex the database...
Jenkins Lucene-Search Plugin vulnerable to Cross-Site Request Forgery
Jenkins Lucene-Search Plugin 387.v938aecbf7fe9 and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to reindex the database...
CVE-2023-30529
Jenkins Lucene-Search Plugin 387.v938aecbf7fe9 and earlier does not require POST requests for an HTTP endpoint, allowing attackers to reindex the database...
CVE-2023-30529
Jenkins Lucene-Search Plugin 387.v938aecbf7fe9 and earlier does not require POST requests for an HTTP endpoint, allowing attackers to reindex the database...
Code injection
Jenkins Lucene-Search Plugin 387.v938aecbf7fe9 and earlier does not require POST requests for an HTTP endpoint, allowing attackers to reindex the database...
CVE-2023-30529
Jenkins Lucene-Search Plugin 387.v938aecbf7fe9 and earlier does not require POST requests for an HTTP endpoint, allowing attackers to reindex the database...
CVE-2023-30529
Jenkins Lucene-Search Plugin 387.v938aecbf7fe9 and earlier does not require POST requests for an HTTP endpoint, allowing attackers to reindex the database...
CVE-2023-30529
CVE-2023-30529 affects the Jenkins Lucene-Search Plugin (versions 387.v938a_ecb_f7fe9 and earlier). The underlying issue is that the plugin’s HTTP endpoint does not require POST requests, enabling cross-site request forgery that can be used to reindex the database. The accompanying sources consis...
CVE-2023-30529
Jenkins Lucene-Search Plugin 387.v938aecbf7fe9 and earlier does not require POST requests for an HTTP endpoint, allowing attackers to reindex the database...
PT-2023-22757 · Jenkins · Jenkins Lucene-Search Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Lucene-Search Plugin versions 387.v938a ecb f7fe9 and earlier Description: The issue allows attackers to reindex the database due to the lack of requirement for POST requests for an HTTP endpoint, resulting in a cross-site request...
Jenkins Plugin Lucene-Search 跨站请求伪造漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
Logicaldoc LogicalDOC 跨站脚本漏洞
LogicalDOC is the U.S. LogicalDOC company a set of document management system developed using Java technology . The system has features such as Lucene full-text search indexing and automatic import. A security vulnerability exists in LogicalDOC Enterprise. An attacker could exploit this...
The vulnerability of the Jenkins Lucene-Search Plugin, related to deficiencies in authentication procedures, allows attackers to gain unauthorized access to protected information.
The vulnerability of the Jenkins Lucene-Search Plugin is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the Jenkins Lucene-Search Plugin, related to the lack of security measures for website structure protection, allows attackers to execute XSS attacks.
The vulnerability of the Jenkins Lucene-Search Plugin exists due to the lack of security measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
GHSA-M8W5-VWQ3-GP8F Lucene-Search Plugin does not perform permission checks in several HTTP endpoints
Jenkins Lucene-Search Plugin 370.v62a5f618cd3a and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to reindex the database and to obtain information about jobs otherwise inaccessible to them...