Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2023/07/04 5:17 a.m.16 views

CVE-2023-35148

A cross-site request forgery CSRF vulnerability in Jenkins Digital.ai App Management Publisher Plugin 2.6 and earlier allows attackers to connect to an attacker-specified URL, capturing credentials stored in Jenkins...

4.2CVSS6.7AI score0.00452EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/06/16 12:0 a.m.49 views

Jenkins plugins Multiple Vulnerabilities (2023-06-14)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins Checkmarx Plugin 2022.4.3 and earlier disables SSL/TLS validation for connections to the Checkmarx server by default. CVE-2023-3514...

8.1CVSS6.2AI score0.0083EPSS
Exploits0References11
CVE
CVE
added 2023/06/14 12:53 p.m.73 views

CVE-2023-35148

CVE-2023-35148 refers to a CSRF vulnerability in Jenkins Digital.ai App Management Publisher Plugin (version 2.6 and earlier). The core issue is missing permission checks across several HTTP endpoints, allowing an attacker with Overall/Read permission to cause the controller to connect to an atta...

6.5CVSS6.3AI score0.00452EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/06/14 12:53 p.m.47 views

CVE-2023-35148

A cross-site request forgery CSRF vulnerability in Jenkins Digital.ai App Management Publisher Plugin 2.6 and earlier allows attackers to connect to an attacker-specified URL, capturing credentials stored in Jenkins...

7AI score0.00452EPSS
Exploits0References2
Rows per page
Query Builder