
4 matches found

OSV
added 2022/01/13 12:1 a.m., 19 views

GHSA-85RQ-HP8X-GHJQ Cross-Site Request Forgery in Jenkins Mailer Plugin

Jenkins Mailer Plugin prior to 408.vd726a1130320 and 1.34.2 does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read access to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname. Additionally, this form...

CVSS 4.3, AI score 4.7, EPSS 0.00606
Exploits: 0, References: 6
Talos
added 2019/06/04 12:0 a.m., 148 views

Jenkins Artifactory Plugin fillCredentialsIdItems information disclosure vulnerability

Summary
An exploitable information disclosure vulnerability exists in the fillCredentialsIdItems endpoint of the Jenkins Artifactory Plugin 3.2.0 and 3.2.1. As a result of this vulnerability a crafted HTTP request from a user with Overall/Read permissions - such as an anonymous user, if enabled -...

CVSS 4.3, AI score 4.5, EPSS 0.00249
Exploits: 1
Hacker One
added 2017/08/08 11:3 p.m., 169 views

Snapchat: RCE/LFI on test Jenkins instance due to improper authentication flow

@nahamsec found a test Jenkins instance where they could login with any valid Google account. Once logged in, they gained the ability to execute arbitrary code via the Jenkins Script Console. This was a test Jenkins instance with no access to source code or resources.
Methodology
Here is the...

AI score 0.7
Exploits: 0
Hacker One
added 2016/10/21 7:33 a.m., 20 views

██████: AWS Credentials leaked: access to production database backups, SSL certs and more

I found a publicly accessible Jenkins instance: https://██████jenkins.██████.com This instance requires login, however, it is possible to register an account using the signup page: https://██████jenkins.██████.com/signup
Arbitrary file reads
From there it is possible to use the Jenkins Script Conso...

AI score 0.1
Exploits: 0