Responses to POST requests that do not set a CSRF crumb/token may in very rare cases change in unexpected ways due to the fix for SECURITY-1774.
CSRF Protection · Rendering User Content · Access ... Access to URLs provided by the security ... While the vast majority of URLs in Jenkins are by default ...
Aug 16, 2023 · Descriptions. CSRF vulnerability in Folders Plugin may approve unsandboxed scripts. SECURITY-3106 / CVE-2023-40336. Severity (CVSS): High
Sep 6, 2023 · Description: Job Configuration History Plugin 1227.v7a_79fc4dc01f and earlier does not restrict a name query parameter when rendering a history ...
https://jenkins.io. Description: Allows tweaking ... Restore the ability to disable CSRF protection after the UI for doing so was removed from Jenkins 2.222.
... CSRF token (crumb) since Jenkins 2.96. To disable ... Learn more: https://jenkins.io/redirect/stapler-facet-restrictions ... jenkins.security.stapler.
Jun 14, 2023 · CSRF protection bypass vulnerability · SSL/TLS certificate validation disabled by default in Checkmarx Plugin · Missing permission checks in Team ...
Jan 24, 2023 · This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection ...
May 17, 2022 · This is intended to be used to allow Global Shared Libraries to execute without sandbox protection. In Pipeline: Groovy Plugin 2689.
Security advisories are the primary way to publicly inform Jenkins users about security issues in Jenkins and Jenkins plugins. You can find all past security ...