17 matches found
CVE-2022-34208
A missing permission check in Jenkins Beaker builder Plugin 1.10 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL...
CVE-2022-34207
A cross-site request forgery CSRF vulnerability in Jenkins Beaker builder Plugin 1.10 and earlier allows attackers to connect to an attacker-specified URL...
CVE-2019-10398
Jenkins Beaker Builder Plugin 1.9 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system...
GHSA-VQPP-Q5X5-QJ4R Cross-Site Request Forgery in Jenkins Beaker builder Plugin
A cross-site request forgery CSRF vulnerability in Jenkins Beaker builder Plugin 1.10 and earlier allows attackers to connect to an attacker-specified URL...
Cross-Site Request Forgery in Jenkins Beaker builder Plugin
A cross-site request forgery CSRF vulnerability in Jenkins Beaker builder Plugin 1.10 and earlier allows attackers to connect to an attacker-specified URL...
Jenkins Beaker builder Plugin跨站请求伪造漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. An attacker could use this vulnerability to connect to a specified URL by...
CVE-2022-34207
A cross-site request forgery CSRF vulnerability in Jenkins Beaker builder Plugin 1.10 and earlier allows attackers to connect to an attacker-specified URL...
CVE-2022-34208
A missing permission check in Jenkins Beaker builder Plugin 1.10 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL...
CVE-2022-34208
A missing permission check in Jenkins Beaker builder Plugin 1.10 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL...
Cross site request forgery (csrf)
A cross-site request forgery CSRF vulnerability in Jenkins Beaker builder Plugin 1.10 and earlier allows attackers to connect to an attacker-specified URL...
CVE-2022-34208
CVE-2022-34208 : Jenkins Beaker Builder Plugin 1.10 and earlier has a missing permission check in a form-validation path. This allows attackers with Overall/Read permission to connect to an attacker-specified URL, and the flow may enable CSRF scenarios. The vulnerability is documented across mult...
PT-2022-22077 · Jenkins · Jenkins Beaker Builder Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Beaker builder Plugin versions 1.10 and earlier Description: A cross-site request forgery CSRF issue allows attackers to connect to an attacker-specified URL. This can be exploited by attackers to perform unauthorized actions...
CVE-2019-10398
Jenkins Beaker Builder Plugin 1.9 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system...
CVE-2019-10398
Jenkins Beaker Builder Plugin 1.9 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system...
Design/Logic Flaw
Jenkins Beaker Builder Plugin 1.9 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system...
CVE-2019-10398
The CVE-2019-10398 entry concerns Jenkins Beaker Builder Plugin (versions ≤ 1.9). The vulnerability arises from credentials being stored unencrypted in the plugin’s global configuration file on the Jenkins master, enabling users with file-system access to view them. Impact is credential disclosur...
PT-2019-11792 · Jenkins · Jenkins Beaker Builder Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Beaker Builder Plugin versions 1.9 and earlier Description: The issue concerns the storage of credentials in the Jenkins Beaker Builder Plugin. Specifically, the plugin stored credentials unencrypted in its global configuration file o...