4 matches found
CVE-2023-49653
Jenkins Jira Plugin 3.11 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to...
CVE-2023-49653
Jenkins Jira Plugin 3.11 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to...
CVE-2023-49653
CVE-2023-49653 affects the Jenkins Jira Plugin (versions 3.11 and earlier). The root cause is that the plugin does not set the appropriate context for credentials lookup, enabling attackers with Item/Configure permission to access and capture credentials they are not entitled to. Remediation: upg...
Jenkins plugins Multiple Vulnerabilities (2023-11-29)
According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Medium Jira Plugin 3.11 and earlier does not set the appropriate context for credentials lookup, allowing the use of system-scoped...