6 matches found
CVE-2023-30526
A missing permission check in Jenkins Report Portal Plugin 0.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified bearer token authentication...
Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.15 Multiple Vulnerabilities (CloudBees Security Advisory 2023-04-12)
The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to 2.346.40.0.15. It is, therefore, affected by multiple vulnerabilities including the following: - Jenkins Kubernetes Plugin 3909.v1f2c633e8590 and earlier does not properly mask i.e....
CVE-2023-30526
A missing permission check in Jenkins Report Portal Plugin 0.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified bearer token authentication...
CVE-2023-30526
A missing permission check in Jenkins Report Portal Plugin 0.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified bearer token authentication...
CVE-2023-30526
A missing permission check in Jenkins Report Portal Plugin 0.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified bearer token authentication...
CVE-2023-30526
CVE-2023-30526 affects Jenkins Report Portal Plugin 0.5 and earlier. A missing permission check in a method handling form validation (and related CSRF context) allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified bearer token authenticatio...