Lucene search
K

4 matches found

OSV
OSV
added 2019/10/23 1:15 p.m.12 views

CVE-2019-10464

A cross-site request forgery vulnerability in Jenkins Deploy WebLogic Plugin allows attackers to connect to an attacker-specified URL using attacker-specified credentials, or determine whether a file or directory with an attacker-specified path exists on the Jenkins master file system...

8.8CVSS6.9AI score
Exploits0References2
NVD
NVD
added 2019/10/23 1:15 p.m.24 views

CVE-2019-10464

A cross-site request forgery vulnerability in Jenkins Deploy WebLogic Plugin allows attackers to connect to an attacker-specified URL using attacker-specified credentials, or determine whether a file or directory with an attacker-specified path exists on the Jenkins master file system...

8.8CVSS8.6AI score0.00767EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/10/23 12:45 p.m.28 views

CVE-2019-10464

A cross-site request forgery vulnerability in Jenkins Deploy WebLogic Plugin allows attackers to connect to an attacker-specified URL using attacker-specified credentials, or determine whether a file or directory with an attacker-specified path exists on the Jenkins master file system...

8.6AI score0.00767EPSS
Exploits0References2
CVE
CVE
added 2019/10/23 12:45 p.m.60 views

CVE-2019-10464

The CVE-2019-10464 entry concerns a cross-site request forgery in the Jenkins Deploy WebLogic Plugin. The underlying issue: the plugin does not perform permission checks in a form validation method and does not require POST for that validation, allowing authenticated Jenkins users (with Overall/R...

8.8CVSS8.5AI score0.00767EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder