CSRF Protection · Rendering User Content · Access ... Access to URLs provided by the security ... While the vast majority of URLs in Jenkins are by default ...
Aug 16, 2023 · Descriptions. CSRF vulnerability in Folders Plugin may approve unsandboxed scripts. SECURITY-3106 / CVE-2023-40336. Severity (CVSS): High
Jenkins can expose a TCP port that allows inbound agents to connect to it. It can be enabled, disabled, and configured in Manage Jenkins » Security. The two ...
Jul 12, 2023 · mabl Plugin 0.0.47 defines the appropriate context for credentials lookup. CSRF vulnerability and missing permission checks in mabl Plugin allow ...
Sep 6, 2023 · Description: Job Configuration History Plugin 1227.v7a_79fc4dc01f and earlier does not restrict a name query parameter when rendering a history ...
Wherever possible, do not use it to allow bypassing CSRF protection. Since Jenkins 2.96, requests using Basic authentication providing an API token do not need ...
... CSRF token (crumb) since Jenkins 2.96. To disable ... Learn more: https://jenkins.io/redirect/stapler-facet-restrictions ... jenkins.security.stapler.
Dec 13, 2023 · CSRF vulnerability and missing permission checks in Nexus Platform Plugin allow XXE. SECURITY-3204 / CVE-2023-50766 (CSRF), CVE-2023-50767 ( ...
Jun 14, 2023 · CSRF protection bypass vulnerability · SSL/TLS certificate validation disabled by default in Checkmarx Plugin · Missing permission checks in Team ...
Jan 24, 2023 · This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection ...