Lucene search
K

58 matches found

NVD
NVD
added 2023/12/13 6:15 p.m.29 views

CVE-2023-50768

A cross-site request forgery CSRF vulnerability in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.8CVSS0.00447EPSS
Exploits0References2
Prion
Prion
added 2023/12/13 6:15 p.m.21 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.8CVSS6.8AI score0.00447EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/12/13 6:15 p.m.19 views

Design/Logic Flaw

Missing permission checks in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

4CVSS6.7AI score0.00485EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/12/13 5:30 p.m.54 views

CVE-2023-50769

CVE-2023-50769 affects Jenkins Nexus Platform Plugin 3.18.0-03 and earlier. Missing permission checks let users with Overall/Read connect to an attacker‑specified HTTP server using attacker‑specified credentials IDs, potentially capturing credentials stored in Jenkins. Red Hat and broader advisor...

4.3CVSS4.4AI score0.00485EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2023/12/13 5:30 p.m.24 views

CVE-2023-50769

Missing permission checks in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

4.3CVSS6.9AI score0.00485EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/12/13 5:30 p.m.11 views

CVE-2023-50768

A cross-site request forgery CSRF vulnerability in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.8AI score0.00447EPSS
Exploits0References2
CVE
CVE
added 2023/12/13 5:30 p.m.67 views

CVE-2023-50768

CVE-2023-50768 concerns a CSRF vulnerability in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier. The issue allows an attacker to cause Jenkins to connect to an attacker-controlled HTTP server using attacker-specified credentials IDs (obtained through another method), which can result in crede...

8.8CVSS8.6AI score0.00447EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/12/13 5:30 p.m.30 views

CVE-2023-50768

A cross-site request forgery CSRF vulnerability in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.9AI score0.00447EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/12/13 5:30 p.m.26 views

CVE-2023-50769

Missing permission checks in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

5.2AI score0.00485EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2023/12/13 5:30 p.m.26 views

CVE-2023-50767

Missing permission checks in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML...

5.4CVSS7.1AI score0.0044EPSS
Exploits0References2
CVE
CVE
added 2023/12/13 5:30 p.m.57 views

CVE-2023-50767

CVE-2023-50767 affects Jenkins Nexus Platform Plugin up to version 3.18.0-03. It describes missing permission checks that allow a user with Overall/Read to cause the plugin to send an HTTP request to an attacker-specified URL and parse the response as XML. This can enable indirect interaction wit...

5.4CVSS5.3AI score0.0044EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/12/13 5:30 p.m.25 views

CVE-2023-50767

Missing permission checks in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML...

6AI score0.0044EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2023/12/13 5:30 p.m.36 views

CVE-2023-50766

A cross-site request forgery CSRF vulnerability in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML...

8.8CVSS7.2AI score0.00447EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/12/13 5:30 p.m.22 views

CVE-2023-50766

A cross-site request forgery CSRF vulnerability in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML...

8.9AI score0.00447EPSS
Exploits0References2
CVE
CVE
added 2023/12/13 5:30 p.m.57 views

CVE-2023-50766

CVE-2023-50766 is a CSRF vulnerability in Jenkins Nexus Platform Plugin

8.8CVSS8.6AI score0.00447EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/12/13 5:30 p.m.12 views

CVE-2023-50766

A cross-site request forgery CSRF vulnerability in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML...

7AI score0.00447EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/12/13 12:0 a.m.5 views

PT-2023-31636 · Jenkins · Jenkins Nexus Platform Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Nexus Platform Plugin versions 3.18.0-03 and earlier Description: The issue is related to missing permission checks in the Jenkins Nexus Platform Plugin, allowing attackers with Overall/Read permission to send an HTTP request to an...

5.4CVSS5.4AI score0.0044EPSS
Exploits0References10
CNNVD
CNNVD
added 2023/12/13 12:0 a.m.3 views

Jenkins Nexus Platform Plugin Security Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

8.8CVSS6.7AI score0.00447EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/12/13 12:0 a.m.4 views

Jenkins Nexus Platform Plugin Security Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

4.3CVSS6.7AI score0.00485EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/12/13 12:0 a.m.3 views

Jenkins Nexus Platform Plugin Security Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

5.4CVSS6.7AI score0.0044EPSS
Exploits0References4
Rows per page
Query Builder