31 matches found
Cross site request forgery (csrf)
A cross-site request forgery vulnerability in Jenkins Health Advisor by CloudBees Plugin 3.0 and earlier allows attackers to send an email with fixed content to an attacker-specified recipient...
Design/Logic Flaw
A missing permission check in Jenkins Health Advisor by CloudBees Plugin 3.0 and earlier allows attackers with Overall/Read permission to send a fixed email to an attacker-specific recipient...
CVE-2020-2094
A missing permission check in Jenkins Health Advisor by CloudBees Plugin 3.0 and earlier allows attackers with Overall/Read permission to send a fixed email to an attacker-specific recipient...
CVE-2020-2094
A missing permission check in Jenkins Health Advisor by CloudBees Plugin 3.0 and earlier allows attackers with Overall/Read permission to send a fixed email to an attacker-specific recipient...
CVE-2020-2093
A cross-site request forgery vulnerability in Jenkins Health Advisor by CloudBees Plugin 3.0 and earlier allows attackers to send an email with fixed content to an attacker-specified recipient...
CVE-2020-2093
A cross-site request forgery vulnerability in Jenkins Health Advisor by CloudBees Plugin 3.0 and earlier allows attackers to send an email with fixed content to an attacker-specified recipient...
CVE-2020-2093
CVE-2020-2093: In Jenkins Health Advisor by CloudBees Plugin (versions 3.0 and earlier), a CSRF flaw exists where methods performing form validation do not enforce permission checks, enabling users with Overall/Read access to send emails with fixed content to attacker-specified recipients. The i...
PT-2020-15299 · Cloudbees +1 · Health Advisor +1
Name of the Vulnerable Software and Affected Versions: Health Advisor by CloudBees Plugin versions 3.0 and earlier Description: A cross-site request forgery issue allows attackers to send an email with fixed content to a specified recipient. The problem arises because the plugin does not perform...
CloudBees Jenkins Rundeck plugin cross-site request forgery vulnerability
CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools from the United States company CloudBees. The product is mainly used to monitor continuous software version release/testing projects and some timed tasks. Rundeck Plugin is used in one of the...
CloudBees Script Security Plugin Sandbox Bypass Vulnerability
CloudBees Script Security Plugin is a plug-in for detecting script security in Jenkins, the Java-based continuous integration tool from the U.S. company CloudBees. A sandbox bypass vulnerability exists in the groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java...
CloudBees GitHub Branch Source plugin cross-site forgery vulnerability
CloudBees GitHub Branch Source plugin is a GitHub branch plug-in for Jenkins, the Java-based continuous integration tool from the U.S. company CloudBees. A cross-site request forgery vulnerability exists in the CloudBees GitHub Branch Source plugin that stems from the program failing to...