Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:11 a.m.11 views

CVE-2023-30526

A missing permission check in Jenkins Report Portal Plugin 0.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified bearer token authentication...

6.5CVSS6.6AI score0.00542EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/04/13 12:0 a.m.24 views

Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.15 Multiple Vulnerabilities (CloudBees Security Advisory 2023-04-12)

The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to 2.346.40.0.15. It is, therefore, affected by multiple vulnerabilities including the following: - Jenkins Kubernetes Plugin 3909.v1f2c633e8590 and earlier does not properly mask i.e....

8.8CVSS5.9AI score0.0078EPSS
Exploits0References21
NVD
NVD
added 2023/04/12 6:15 p.m.26 views

CVE-2023-30526

A missing permission check in Jenkins Report Portal Plugin 0.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified bearer token authentication...

6.5CVSS6.4AI score0.00542EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/04/12 5:5 p.m.8 views

CVE-2023-30526

A missing permission check in Jenkins Report Portal Plugin 0.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified bearer token authentication...

6.6AI score0.00542EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/04/12 5:5 p.m.26 views

CVE-2023-30526

A missing permission check in Jenkins Report Portal Plugin 0.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified bearer token authentication...

6.5AI score0.00542EPSS
Exploits0References2
CVE
CVE
added 2023/04/12 5:5 p.m.63 views

CVE-2023-30526

CVE-2023-30526 affects Jenkins Report Portal Plugin 0.5 and earlier. A missing permission check in a method handling form validation (and related CSRF context) allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified bearer token authenticatio...

6.5CVSS6.3AI score0.00542EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder