CVE-2024-56320

GoCD is a continuous deliver server. GoCD versions prior to 24.5.0 are vulnerable to admin privilege escalation due to improper authorization of access to the admin "Configuration XML" UI feature, and its associated API. A malicious insider/existing authenticated GoCD user with an existing GoCD...

PT-2025-1147 · Gocd · Gocd

Name of the Vulnerable Software and Affected Versions: GoCD versions prior to 24.5.0 Description: The issue is related to improper authorization of access to the admin "Configuration XML" UI feature and its associated API in the GoCD system, allowing a malicious insider or existing authenticated...