Lucene search
K

60 matches found

OSV
OSV
added 2022/05/13 1:31 a.m.43 views

GHSA-G3RG-CJ5X-3VPF CSRF vulnerability in jenkins-reviewbot Plugin

A cross-site request forgery vulnerability in Jenkins jenkins-reviewbot Plugin in the ReviewboardDescriptordoTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server...

6.5CVSS6.3AI score0.01296EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/05/13 1:31 a.m.17 views

CSRF vulnerability in jenkins-reviewbot Plugin

A cross-site request forgery vulnerability in Jenkins jenkins-reviewbot Plugin in the ReviewboardDescriptordoTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server...

6.5CVSS6.6AI score0.01296EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/05/13 1:25 a.m.11 views

GHSA-6J5J-W6V4-RWQR Jenkins VMware Lab Manager Slaves Plugin vulnerable CSRF vulnerability

A cross-site request forgery vulnerability in Jenkins VMware Lab Manager Slaves Plugin in the LabManager.DescriptorImpldoTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server...

6.5CVSS6.3AI score0.00719EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/05/13 1:25 a.m.26 views

CSRF vulnerability in Jenkins Gearman Plugin

A cross-site request forgery vulnerability in Jenkins Gearman Plugin in the GearmanPluginConfigdoTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server...

6.5CVSS6.6AI score0.01296EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/13 1:25 a.m.20 views

CSRF vulnerability in Jenkins sinatra-chef-builder Plugin

A cross-site request forgery vulnerability in Jenkins Chef Sinatra Plugin in the ChefBuilderConfiguration.DescriptorImpldoTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server...

6.5CVSS6.6AI score0.01296EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/05/13 1:25 a.m.20 views

GHSA-8V26-3P83-MF2G Jenkins OpenID Plugin CSRF vulnerability

A cross-site request forgery vulnerability in Jenkins openid Plugin in the OpenIdSsoSecurityRealm.DescriptorImpldoValidate form validation method allows attackers to initiate a connection to an attacker-specified server...

6.5CVSS6.3AI score0.01312EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2022/05/13 1:25 a.m.32 views

CSRF vulnerability in Jenkins SOASTA CloudTest Plugin

A cross-site request forgery vulnerability in Jenkins SOASTA CloudTest Plugin in the CloudTestServer.DescriptorImpldoValidate form validation method allows attackers to initiate a connection to an attacker-specified server...

6.5CVSS6.6AI score0.01296EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/05/13 1:15 a.m.13 views

GHSA-2R46-CWGM-VVJX Missing permission check in Jenkins jenkins-reviewbot Plugin

A missing permission check in Jenkins jenkins-reviewbot Plugin in the ReviewboardDescriptordoTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...

6.5CVSS6.3AI score0.01486EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/05/13 1:15 a.m.18 views

Missing permission check in Jenkins jenkins-reviewbot Plugin

A missing permission check in Jenkins jenkins-reviewbot Plugin in the ReviewboardDescriptordoTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...

6.5CVSS6.5AI score0.01486EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/13 1:15 a.m.23 views

Missing permission check in Jenkins Netsparker Cloud Scan Plugin

A missing permission check in Jenkins Netsparker Cloud Scan Plugin 1.1.5 and older in the NCScanBuilder.DescriptorImpldoValidateAPI form validation method allowed attackers with Overall/Read permission to initiate a connection to an attacker-specified server...

6.5CVSS6.5AI score0.01536EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2022/03/09 5:15 p.m.17 views

Security feature bypass

A Reliance on Untrusted Inputs in a Security Decision vulnerability in the login proxy of the openSUSE Build service allowed attackers to present users with a expected login form that then sends the clear text credentials to an attacker specified server. This issue affects: openSUSE Build service...

6.8CVSS8.4AI score0.00895EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2019/08/07 3:15 p.m.20 views

CVE-2019-10389

A missing permission check in Jenkins Relution Enterprise Appstore Publisher Plugin 1.24 and earlier allows attackers to have Jenkins initiate an HTTP connection to an attacker-specified server...

4.3CVSS4.6AI score0.00615EPSS
Exploits0References2
Prion
Prion
added 2019/08/07 3:15 p.m.20 views

Cross site request forgery (csrf)

A cross-site request forgery vulnerability in Jenkins Relution Enterprise Appstore Publisher Plugin 1.24 and earlier allows attackers to have Jenkins initiate an HTTP connection to an attacker-specified server...

4.3CVSS4.5AI score0.00636EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/08/07 2:20 p.m.28 views

CVE-2019-10388

A cross-site request forgery vulnerability in Jenkins Relution Enterprise Appstore Publisher Plugin 1.24 and earlier allows attackers to have Jenkins initiate an HTTP connection to an attacker-specified server...

4.5AI score0.00636EPSS
Exploits0References2
Prion
Prion
added 2019/04/18 5:29 p.m.15 views

Cross site request forgery (csrf)

A cross-site request forgery vulnerability in Jenkins XebiaLabs XL Deploy Plugin in the CredentialdoValidateUserNamePassword form validation method allows attackers to initiate a connection to an attacker-specified server...

4.3CVSS6.3AI score0.00888EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2019/04/18 5:29 p.m.12 views

CVE-2019-10304

A cross-site request forgery vulnerability in Jenkins XebiaLabs XL Deploy Plugin in the CredentialdoValidateUserNamePassword form validation method allows attackers to initiate a connection to an attacker-specified server...

6.5CVSS6.6AI score
Exploits0References2
Cvelist
Cvelist
added 2019/04/18 4:54 p.m.26 views

CVE-2019-10305

A missing permission check in Jenkins XebiaLabs XL Deploy Plugin in the CredentialdoValidateUserNamePassword form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...

6.3AI score0.01051EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/04/18 4:54 p.m.30 views

CVE-2019-10304

A cross-site request forgery vulnerability in Jenkins XebiaLabs XL Deploy Plugin in the CredentialdoValidateUserNamePassword form validation method allows attackers to initiate a connection to an attacker-specified server...

6.3AI score0.00888EPSS
Exploits0References2
NVD
NVD
added 2019/04/04 4:29 p.m.33 views

CVE-2019-10279

A missing permission check in Jenkins jenkins-reviewbot Plugin in the ReviewboardDescriptordoTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...

6.5CVSS6.3AI score0.01486EPSS
Exploits0References3
OSV
OSV
added 2019/04/04 4:29 p.m.23 views

CVE-2019-1003087

A missing permission check in Jenkins Chef Sinatra Plugin in the ChefBuilderConfiguration.DescriptorImpldoTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...

6.5CVSS6.5AI score
Exploits0References3
Rows per page
Query Builder