9 matches found
SUSE CVE-2018-8718
Cross-site request forgery CSRF vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request...
br.com.ingenieux.jenkins.plugins:codecommit-url-helper (=0.0.1), cf.pgmann.plugins:url-auth-sso (=1.0) +125 more potentially affected by CVE-2018-8718 via org.jenkins-ci.plugins:mailer (>=1.10 <=1.20)
org.jenkins-ci.plugins:mailer MAVEN version =1.10, =1.9.2-beta, =1.14.0, =4.1.1, =2.30.2, =1.0.22, =1.3.0, =0.11.0, =1.0, =1.0.0, =1.0.1 and more Source cves: CVE-2018-8718 Source advisory: OSV:GHSA-6G57-H38C-Q52G...
Jenkins Mailer Plugin < 1.20 - Cross-Site Request Forgery (Send Email) Vulnerability
Exploit for php platform in category web applications Exploit Title : Jenkins mailer plugin \ '+table'covermessage'+'' s = smtplib.SMTPtable'smtpserver' s.starttls s.logintable'lid', table'lpw' s.sendmailmsg'From', msg'To', msg.asstring...
Jenkins Mailer Plugin 1.20 - Cross-Site Request Forgery (Send Email)
Jenkins Mailer Plugin 1.20 - Cross-Site Request Forgery Send Email Exploit Title : Jenkins mailer plugin \ '+table'covermessage'+'' s = smtplib.SMTPtable'smtpserver' s.starttls s.logintable'lid', table'lpw' s.sendmailmsg'From', msg'To', msg.asstring def urlset : url...
Jenkins Mailer Cross Site Request Forgery
Exploit Title : Jenkins mailer plugin \ '+table'covermessage'+'' s = smtplib.SMTPtable'smtpserver' s.starttls s.logintable'lid', table'lpw' s.sendmailmsg'From', msg'To', msg.asstring def urlset : url = strinput"Jenkins Server's URLex : http://vuln.jenkin...
Jenkins Mailer Plugin < 1.20 - Cross-Site Request Forgery (Send Email)
Exploit Title : Jenkins mailer plugin \ '+table'covermessage'+'' s = smtplib.SMTPtable'smtpserver' s.starttls s.logintable'lid', table'lpw' s.sendmailmsg'From', msg'To', msg.asstring def urlset : url = strinput"Jenkins Server's UR...
CVE-2018-8718
Cross-site request forgery CSRF vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request...
CVE-2018-8718
Cross-site request forgery CSRF vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request...
CVE-2018-8718
CVE-2018-8718 is a CSRF vulnerability in the Jenkins Mailer Plugin (version 1.20) used with Jenkins 2.111. The issue allows remote authenticated users to send an email as another user via the /descriptorByName/hudson.tasks.Mailer/sendTestMail endpoint. Public exploit material exists (Exploit-DB, ...