Lucene search
K

9 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:29 a.m.6 views

SUSE CVE-2018-8718

Cross-site request forgery CSRF vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request...

8CVSS7.7AI score0.06773EPSS
Exploits5References3
vulnersOsv
vulnersOsv
added 2022/05/14 1:29 a.m.8 views

br.com.ingenieux.jenkins.plugins:codecommit-url-helper (=0.0.1), cf.pgmann.plugins:url-auth-sso (=1.0) +125 more potentially affected by CVE-2018-8718 via org.jenkins-ci.plugins:mailer (>=1.10 <=1.20)

org.jenkins-ci.plugins:mailer MAVEN version =1.10, =1.9.2-beta, =1.14.0, =4.1.1, =2.30.2, =1.0.22, =1.3.0, =0.11.0, =1.0, =1.0.0, =1.0.1 and more Source cves: CVE-2018-8718 Source advisory: OSV:GHSA-6G57-H38C-Q52G...

8CVSS7.2AI score0.06773EPSS
Exploits5
0day.today
0day.today
added 2018/06/06 12:0 a.m.44 views

Jenkins Mailer Plugin < 1.20 - Cross-Site Request Forgery (Send Email) Vulnerability

Exploit for php platform in category web applications Exploit Title : Jenkins mailer plugin \ '+table'covermessage'+'' s = smtplib.SMTPtable'smtpserver' s.starttls s.logintable'lid', table'lpw' s.sendmailmsg'From', msg'To', msg.asstring...

6CVSS0.2AI score0.06773EPSS
Exploits5
exploitpack
exploitpack
added 2018/06/05 12:0 a.m.45 views

Jenkins Mailer Plugin 1.20 - Cross-Site Request Forgery (Send Email)

Jenkins Mailer Plugin 1.20 - Cross-Site Request Forgery Send Email Exploit Title : Jenkins mailer plugin \ '+table'covermessage'+'' s = smtplib.SMTPtable'smtpserver' s.starttls s.logintable'lid', table'lpw' s.sendmailmsg'From', msg'To', msg.asstring def urlset : url...

6CVSS0.1AI score0.06773EPSS
Exploits5
Packet Storm
Packet Storm
added 2018/06/05 12:0 a.m.47 views

Jenkins Mailer Cross Site Request Forgery

Exploit Title : Jenkins mailer plugin \ '+table'covermessage'+'' s = smtplib.SMTPtable'smtpserver' s.starttls s.logintable'lid', table'lpw' s.sendmailmsg'From', msg'To', msg.asstring def urlset : url = strinput"Jenkins Server's URLex : http://vuln.jenkin...

6CVSS0.6AI score0.06773EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/06/05 12:0 a.m.38 views

Jenkins Mailer Plugin &lt; 1.20 - Cross-Site Request Forgery (Send Email)

Exploit Title : Jenkins mailer plugin \ '+table'covermessage'+'' s = smtplib.SMTPtable'smtpserver' s.starttls s.logintable'lid', table'lpw' s.sendmailmsg'From', msg'To', msg.asstring def urlset : url = strinput"Jenkins Server's UR...

8CVSS8.1AI score0.06773EPSS
Exploits5
RedhatCVE
RedhatCVE
added 2018/03/28 4:21 a.m.28 views

CVE-2018-8718

Cross-site request forgery CSRF vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request...

8CVSS5.5AI score0.06773EPSS
Exploits5References1
OSV
OSV
added 2018/03/27 4:29 p.m.24 views

CVE-2018-8718

Cross-site request forgery CSRF vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request...

8CVSS6.9AI score
Exploits0References4
CVE
CVE
added 2018/03/27 4:0 p.m.106 views

CVE-2018-8718

CVE-2018-8718 is a CSRF vulnerability in the Jenkins Mailer Plugin (version 1.20) used with Jenkins 2.111. The issue allows remote authenticated users to send an email as another user via the /descriptorByName/hudson.tasks.Mailer/sendTestMail endpoint. Public exploit material exists (Exploit-DB, ...

8CVSS7.5AI score0.06773EPSS
Exploits5References4Affected Software1
Rows per page
Query Builder