3 matches found
EUVD-2015-1936
Malware in sbrugna...
GHSA-3269-JQP5-V8C9 Jenkins allows for Privilege Escalation by Remote Authenticated Users
The API token-issuing service in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to gain privileges via a "forced API token change" involving anonymous users...
jenkins: forced API token change (SECURITY-180)
A flaw was found in the Jenkins API token-issuing service. The service was not properly protected against anonymous users, potentially allowing remote attackers to escalate privileges...