5 matches found
CVE-2023-41932
Jenkins Job Configuration History Plugin 1227.v7a79fc4dc01f and earlier does not restrict 'timestamp' query parameters in multiple endpoints, allowing attackers with to delete attacker-specified directories on the Jenkins controller file system as long as they contain a file called 'history.xml'...
CVE-2023-41932
Jenkins Job Configuration History Plugin 1227.v7a79fc4dc01f and earlier does not restrict 'timestamp' query parameters in multiple endpoints, allowing attackers with to delete attacker-specified directories on the Jenkins controller file system as long as they contain a file called 'history.xml'...
CVE-2023-41932
The CVE-2023-41932 entry affects Jenkins Job Configuration History Plugin 1227.v7a_79fc4dc01f and earlier. The root cause is that the plugin does not restrict the 'timestamp' query parameter across multiple endpoints, which can allow an attacker to delete attacker-specified directories on the Jen...
CVE-2023-41932
Jenkins Job Configuration History Plugin 1227.v7a79fc4dc01f and earlier does not restrict 'timestamp' query parameters in multiple endpoints, allowing attackers with to delete attacker-specified directories on the Jenkins controller file system as long as they contain a file called 'history.xml'...
CVE-2023-41932
Jenkins Job Configuration History Plugin 1227.v7a79fc4dc01f and earlier does not restrict 'timestamp' query parameters in multiple endpoints, allowing attackers with to delete attacker-specified directories on the Jenkins controller file system as long as they contain a file called 'history.xml'...