29 matches found
CVE-2025-27624
A cross-site request forgery CSRF vulnerability in Jenkins 2.499 and earlier, LTS 2.492.1 and earlier allows attackers to have users toggle their collapsed/expanded status of sidepanel widgets e.g., Build Queue and Build Executor Status widgets...
Information Exposure
Overview org.jenkins-ci.main:jenkins-core is an open source automation server. Affected versions of this package are vulnerable to Information Exposure via the sidepanel widgets in the CLI command overview and help pages. An attacker can obtain sensitive information by making a direct request to...
Jenkins has Information Disclosure via Sidepanel Widget
The sidepanel widgets in the CLI command overview and help pages in Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to the pages...
GHSA-4653-RMCH-3G2G Jenkins has Information Disclosure via Sidepanel Widget
The sidepanel widgets in the CLI command overview and help pages in Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to the pages...
jenkins: Information disclosure via sidepanel (SECURITY-192)
The sidepanel widgets in the CLI command overview and help pages in Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to the pages...
jenkins: Information disclosure via sidepanel (SECURITY-192)
The sidepanel widgets in the CLI command overview and help pages in Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to the pages...
CloudBees Jenkins Information Disclosure Vulnerability (CNVD-2015-07825)
CloudBees Jenkins is the open source continuous integration server. A security vulnerability exists in the sidepanel widget in the CLI command overview and help pages of CloudBees Jenkins 1.638, LTS before 1.625.2, which allows remote attackers to obtain sensitive information by directly requesti...
Information disclosure
The sidepanel widgets in the CLI command overview and help pages in Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to the pages...
Automne.ws CMS 4.0.0rc2 Multiple RFI Vulnerability
No description provided by source. Automne.ws CMS 4.0.0rc2 Multiple RFI Vulnerability Created By 1nd0n3s14n l4m3r c -- 14/12/2oo9 No Sanitize Variable $SERVER"DOCUMENTROOT" automne/imagezoom.php?DOCUMENTROOT=Shell automne/isalive.php?DOCUMENTROOT=Shell automne/admin/backtrace.php?DOCUMENTROOT=She...