Responses to POST requests that do not set a CSRF crumb/token may in very rare cases change in unexpected ways due to the fix for SECURITY-1774.
Missing: book/ | Show results with:book/
CSRF Protection · Rendering User Content · Access ... Access to URLs provided by the security ... While the vast majority of URLs in Jenkins are by default ...
Jul 12, 2023 · mabl Plugin 0.0.47 defines the appropriate context for credentials lookup. CSRF vulnerability and missing permission checks in mabl Plugin allow ...
Missing: book/ | Show results with:book/
Aug 16, 2023 · Descriptions. CSRF vulnerability in Folders Plugin may approve unsandboxed scripts. SECURITY-3106 / CVE-2023-40336. Severity (CVSS): High
Missing: book/ | Show results with:book/
Sep 6, 2023 · Description: Job Configuration History Plugin 1227.v7a_79fc4dc01f and earlier does not restrict a name query parameter when rendering a history ...
Missing: book/ | Show results with:book/
Wherever possible, do not use it to allow bypassing CSRF protection. Since Jenkins 2.96, requests using Basic authentication providing an API token do not need ...
May 17, 2022 · This is intended to be used to allow Global Shared Libraries to execute without sandbox protection. In Pipeline: Groovy Plugin 2689.
Missing: book/ | Show results with:book/
Security advisories are the primary way to publicly inform Jenkins users about security issues in Jenkins and Jenkins plugins. You can find all past security ...
Missing: book/ protection/
... CSRF token (crumb) since Jenkins 2.96. To disable ... Learn more: https://jenkins.io/redirect/stapler-facet-restrictions ... jenkins.security.stapler.
Missing: book/ | Show results with:book/
Dec 13, 2023 · CSRF vulnerability and missing permission checks in Nexus Platform Plugin allow XXE. SECURITY-3204 / CVE-2023-50766 (CSRF), CVE-2023-50767 ( ...
Missing: book/ | Show results with:book/