4 matches found
CVE-2023-37952
A cross-site request forgery CSRF vulnerability in Jenkins mabl Plugin 0.0.46 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2023-37952
A cross-site request forgery CSRF vulnerability in Jenkins mabl Plugin 0.0.46 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2023-37952
CVE-2023-37952 affects Jenkins mabl Plugin versions 0.0.46 and earlier. The root cause is missing permission checks on several HTTP endpoints, allowing CSRF by attackers who can cause the plugin to connect to an attacker-specified URL using attacker-specified credentials IDs, thereby exposing cre...
CVE-2023-37952
A cross-site request forgery CSRF vulnerability in Jenkins mabl Plugin 0.0.46 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...