GHSA-5532-PRRF-RF5X Arbitrary code execution vulnerability in Jenkins Speaks! Plugin

Jenkins Speaks! Plugin, all current versions, allows users with Job/Configure permission to run arbitrary Groovy code inside the Jenkins JVM, effectively elevating privileges to Overall/Run Scripts...

CloudBees Jenkins Speaks! plugin arbitrary code execution vulnerability

CloudBees Jenkins formerly known as Hudson Labs is a set of Java-based continuous integration tools from CloudBees, Inc. that are used to monitor the order of repetitive work.Speaks! Plugin is a voice plugin used in... A security vulnerability exists in the CloudBees Jenkins Speaks! plugin. An...

Elevation Of Privileges

speaks is vulnerable to elevation of privileges. Users who have the Job/Configure permission can run Groovy code inside the Jenkins JVM, elevating their privilege to Overall/Run Scripts...

CVE-2017-1000403

Jenkins Speaks! Plugin, all current versions, allows users with Job/Configure permission to run arbitrary Groovy code inside the Jenkins JVM, effectively elevating privileges to Overall/Run Scripts...

CVE-2017-1000403

Jenkins Speaks! Plugin, all current versions, allows users with Job/Configure permission to run arbitrary Groovy code inside the Jenkins JVM, effectively elevating privileges to Overall/Run Scripts...

Code injection

Jenkins Speaks! Plugin, all current versions, allows users with Job/Configure permission to run arbitrary Groovy code inside the Jenkins JVM, effectively elevating privileges to Overall/Run Scripts...

CVE-2017-1000403

The CVE-2017-1000403 entry concerns the Jenkins Speaks! Plugin, where any user with Job/Configure permission can execute arbitrary Groovy code inside the Jenkins JVM, effectively elevating privileges to Overall/Run Scripts. The published sources (SUSE, SUSE CVE page, GN GHSA, CNVD, CVE details) d...