5 matches found
CVE-2023-4301
A cross-site request forgery CSRF vulnerability in Jenkins Fortify Plugin 22.1.38 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2023-4301
CVE-2023-4301 is a CSRF vulnerability in Jenkins Fortify Plugin (versions 22.1.38 and earlier). The issue arises because the plugin does not perform permission checks on several HTTP endpoints and endpoints do not require POST requests. This allows attackers with Overall/Read permission to connec...
CVE-2023-4301 CSRF vulnerability in Fortify Plugin allow capturing credentials
A cross-site request forgery CSRF vulnerability in Jenkins Fortify Plugin 22.1.38 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2023-4301
A cross-site request forgery CSRF vulnerability in Jenkins Fortify Plugin 22.1.38 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2023-4301 CSRF vulnerability in Fortify Plugin allow capturing credentials
A cross-site request forgery CSRF vulnerability in Jenkins Fortify Plugin 22.1.38 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...