Lucene search

K
vulnrichmentJenkinsVULNRICHMENT:CVE-2023-41930
HistorySep 06, 2023 - 12:08 p.m.

CVE-2023-41930

2023-09-0612:08:52
jenkins
github.com
jenkins
configuration
history
plugin
manipulated
cve-2023-41930

AI Score

6.6

Confidence

High

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

Jenkins Job Configuration History Plugin 1227.v7a_79fc4dc01f and earlier does not restrict the ‘name’ query parameter when rendering a history entry, allowing attackers to have Jenkins render a manipulated configuration history that was not created by the plugin.

AI Score

6.6

Confidence

High

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

Related for VULNRICHMENT:CVE-2023-41930