24 matches found
CloudBees Jenkins Information Disclosure Vulnerability (CNVD-2018-03335)
CloudBees Jenkins formerly known as Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . A...
CloudBees Jenkins Information Disclosure Vulnerability (CNVD-2018-03332)
CloudBees Jenkins formerly known as Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . A...
Phabricator: IRC-Bot exposes information
You can setup the IRC-Bot, and set it into private channels, so that it posts only information about tasks into private channels. Example: T698 T698: Task title - https://url.example.org/T698 The problem is, that, if the bot is online in IRC, you can send him task numbers via private messages, an...
Cross site request forgery (csrf)
RESTful web services in CA Service Desk Manager 12.9 and CA Service Desk Management 14.1 might allow remote authenticated users to read or modify task information by leveraging incorrect permissions applied to a RESTful request...