3 matches found
CVE-2022-20613
A cross-site request forgery CSRF vulnerability in Jenkins Mailer Plugin 391.ve4a38c1bcf4b and earlier allows attackers to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname...
PT-2022-14823 · Jenkins · Jenkins Mailer Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Mailer Plugin versions 391.ve4a 38c1b cf4b and earlier Jenkins Mailer Plugin versions prior to 408.vd726a 1130320 and 1.34.2 Description: A missing permission check in the Jenkins Mailer Plugin allows attackers with Overall/Read acces...
CVE-2020-10212
CVE-2020-10212 concerns Responsive FileManager. The vulnerability is an SSRF in upload.php via the url parameter, affecting 9.13.4 and 9.14.0, with the issue rooted in how file-extension blocking is handled and DNS hostnames resolving to internal IPs; this is noted as a consequence of an incomple...