36 matches found
Cross site request forgery (csrf)
A cross-site request forgery CSRF vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password...
CVE-2021-21655
CVE-2021-21655 is a CSRF vulnerability in Jenkins P4 Plugin
CVE-2021-21655
A cross-site request forgery CSRF vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password...
CVE-2021-21654
Jenkins P4 Plugin 1.11.4 and earlier does not perform permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified Perforce server using attacker-specified username and password...
CVE-2021-21654
CVE-2021-21654 affects Jenkins P4 Plugin (versions 1.11.4 and earlier). The vulnerability arises from missing permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read to connect to an attacker-specified Perforce server using attacker-controlled username and password. Imp...
Jenkins 跨站请求伪造漏洞
CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site request forgery...
CVE-2020-2142
A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier allows attackers with Overall/Read permission to trigger builds...
CVE-2020-2141
A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.10 and earlier allows attackers to trigger builds or add a labels in Perforce...
CVE-2020-2142
A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier allows attackers with Overall/Read permission to trigger builds...
Cross site request forgery (csrf)
A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.10 and earlier allows attackers to trigger builds or add a labels in Perforce...
Information disclosure
A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier allows attackers with Overall/Read permission to trigger builds...
CVE-2020-2142
CVE-2020-2142 relates to the Jenkins P4 Plugin. The issue is a missing permission check in the P4 Plugin versions 1.10.10 and earlier, allowing attackers with Overall/Read permission to trigger builds (and, per some advisories, potentially add labels in Perforce). Affected component: Jenkins P4 P...
CVE-2020-2141
Jenkins P4 Plugin ≤1.10.10 is affected by a cross-site request forgery vulnerability that lets an attacker trigger builds or add labels in Perforce. Root cause: the web app does not adequately validate request origin. Impact: CSRF with I=Low, UI interaction required; no confidentiality or availab...
CVE-2020-2141
A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.10 and earlier allows attackers to trigger builds or add a labels in Perforce...
CVE-2020-2142
A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier allows attackers with Overall/Read permission to trigger builds...
PT-2020-15353 · Jenkins · Jenkins P4 Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins P4 Plugin versions 1.10.10 and earlier Description: A missing permission check in the Jenkins P4 Plugin allows attackers with Overall/Read permission to trigger builds or add labels in the Perforce repository. Recommendations: For...