4 matches found
CVE-2023-24432
creationtimestamp| type| source ---|---|--- 2023-01-27 00:44:03+00:00| seen| https://t.me/cibsecurity/56991 2025-04-02 14:34:00+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10080...
CVE-2023-24432
A cross-site request forgery CSRF vulnerability in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2023-24432
CVE-2023-24432 affects Jenkins Orka by MacStadium Plugin versions ≤ 1.31. The vulnerability arises from missing permission checks on several HTTP endpoints and CSRF-like behavior, enabling attackers with Overall/Read permission to connect to an attacker‑specified HTTP server using attacker‑specif...
CVE-2023-24432
A cross-site request forgery CSRF vulnerability in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...