8 matches found
EUVD-2023-2071
Malicious code in bioql PyPI...
GHSA-8GC7-WHPH-RX5Q Jenkins Test Results Aggregator Plugin vulnerable to Cross Site Request Forgery
Jenkins Test Results Aggregator Plugin 1.2.13 and earlier does not perform a permission check in an HTTP endpoint implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password. Additionally,...
CVE-2023-37956
A missing permission check in Jenkins Test Results Aggregator Plugin 1.2.13 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials...
CVE-2023-37955
A cross-site request forgery CSRF vulnerability in Jenkins Test Results Aggregator Plugin 1.2.13 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials...
CVE-2023-37956
CVE-2023-37956 affects the Jenkins Test Results Aggregator Plugin,
CVE-2023-37955
CVE-2023-37955 affects Jenkins Test Results Aggregator Plugin (versions 1.2.13 and earlier). The vulnerability is a CSRF flaw in an HTTP endpoint that allows an attacker with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials, and the endpoint doe...
CVE-2023-37955
A cross-site request forgery CSRF vulnerability in Jenkins Test Results Aggregator Plugin 1.2.13 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials...
CVE-2023-37955
A cross-site request forgery CSRF vulnerability in Jenkins Test Results Aggregator Plugin 1.2.13 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials...