4 matches found
CVE-2023-2631
A missing permission check in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL...
CVE-2023-2631
CVE-2023-2631 affects Jenkins Code Dx Plugin 3.1.0 and earlier. The issue is missing permission checks on several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified URL. Some endpoints do not require POST, enabling CSRF. Exploitation status is not ...
CVE-2023-2631 CSRF vulnerability and missing permission checks in Code Dx Plugin
A missing permission check in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL...
CVE-2023-2631
A missing permission check in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL...