EUVD-2020-23785

Malware in sbrugna...

Top 5 Bug Bounty Platforms to Watch in 2021

While Gartner does not have a dedicated Magic Quadrant for Bug Bounties or Crowd Security Testing yet, Gartner Peer Insights already lists 24 vendors in the "Application Crowdtesting Services" category. We have compiled the top 5 most promising bug bounty platforms for those of you who are lookin...

CloudBees Jenkins Crowd 2 Integration Plugin Server Request Forgery Vulnerability

CloudBees Jenkins formerly known as Hudson Labs is a set of Java-based continuous integration tools from CloudBees, Inc. It is mainly used to monitor continuous software version release/testing projects and some timed tasks.Crowd 2 Integration Plugin is used in which a Authentication Plugin. A...

CloudBees Jenkins Crowd 2 Integration Plugin Storing Credentials in Plain Text Format Vulnerability

CloudBees Jenkins formerly known as Hudson Labs is a set of Java-based continuous integration tools from CloudBees, Inc. It is mainly used to monitor continuous software version release/testing projects and some timed tasks.Crowd 2 Integration Plugin is used in which a Authentication Plugin. A...

Parsing of external XML entities can be exploited to retrieve files or make HTTP requests on the target network

h3. Description This issue has been assigned CVE-2013-3925 by Mitre Corporation. Previously reported issue CVE-2012-2926 August 2012, CVSS score 6.4 was patched by introducing a new XFire servlet component into Crowd. The new component disables external entity resolution during XML parsing. The n...