Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:51 a.m.11 views

CVE-2023-32999

A missing permission check in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified credentials...

4.3CVSS6.5AI score0.00509EPSS
Exploits0References1
Circl
Circl
added 2023/05/16 8:30 p.m.7 views

CVE-2023-32999

creationtimestamp| type| source ---|---|--- 2023-05-16 20:30:47+00:00| seen| https://t.me/cibsecurity/64233 2025-01-23 16:02:53+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2750...

4.3CVSS4.6AI score0.00509EPSS
Exploits0References2
NVD
NVD
added 2023/05/16 5:15 p.m.27 views

CVE-2023-32999

A missing permission check in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified credentials...

4.3CVSS4.5AI score0.00509EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/05/16 4:0 p.m.14 views

CVE-2023-32999

A missing permission check in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified credentials...

6.5AI score0.00509EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/05/16 4:0 p.m.40 views

CVE-2023-32999

A missing permission check in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified credentials...

4.8AI score0.00509EPSS
Exploits0References1
CVE
CVE
added 2023/05/16 4:0 p.m.59 views

CVE-2023-32999

Summary (CVE-2023-32999) : Jenkins AppSpider Plugin 1.0.15 and earlier contains a missing permission check in a form validation path. This allows users with Overall/Read permission to reach an attacker-controlled URL and issue an HTTP POST with a JSON payload containing attacker-supplied credenti...

4.3CVSS4.4AI score0.00509EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder