Lucene search
K

4 matches found

Circl
Circl
added 2023/01/27 12:44 a.m.6 views

CVE-2023-24432

creationtimestamp| type| source ---|---|--- 2023-01-27 00:44:03+00:00| seen| https://t.me/cibsecurity/56991 2025-04-02 14:34:00+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10080...

8.8CVSS7.3AI score0.00515EPSS
Exploits0References2
NVD
NVD
added 2023/01/26 9:18 p.m.32 views

CVE-2023-24432

A cross-site request forgery CSRF vulnerability in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.8CVSS8.7AI score0.00515EPSS
Exploits0References1
CVE
CVE
added 2023/01/24 12:0 a.m.77 views

CVE-2023-24432

CVE-2023-24432 affects Jenkins Orka by MacStadium Plugin versions ≤ 1.31. The vulnerability arises from missing permission checks on several HTTP endpoints and CSRF-like behavior, enabling attackers with Overall/Read permission to connect to an attacker‑specified HTTP server using attacker‑specif...

8.8CVSS8.6AI score0.00515EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/01/24 12:0 a.m.34 views

CVE-2023-24432

A cross-site request forgery CSRF vulnerability in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.9AI score0.00515EPSS
Exploits0References1
Rows per page
Query Builder