3 matches found
CVE-2023-23847
A cross-site request forgery CSRF vulnerability in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2023-23847
A cross-site request forgery CSRF vulnerability in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2023-23847
CVE-2023-23847 affects Synopsys Jenkins Coverity Plugin 3.0.2 and earlier. The CSRF vulnerability arises from missing permission checks across multiple HTTP endpoints that do not require POST, enabling an attacker to cause the plugin to connect to an attacker-specified HTTP server using attacker-...