CVE-2023-41931 - Exploiting Jenkins Job Configuration History Plugin XSS Vulnerability (Detailed Walkthrough)
Jenkins is one of the most widely used open-source automation servers for continuous integration and continuous delivery (CI/CD). Plugins expand Jenkins features but sometimes
CVE-2023-41947 - Exploiting Missing Permission Checks in Jenkins Frugal Testing Plugin
In September 2023, a security vulnerability labeled CVE-2023-41947 was disclosed in the Jenkins ecosystem. The bug was found in the Frugal Testing Plugin up to
CVE-2023-39264 - Apache Superset Stack Trace Exposure in REST API (Up to 2.1.) – Exploit Details and Security Insights
Date: June 2024
Author: [Exclusive Post for Your Eyes Only]
Apache Superset is one of the most popular open-source data exploration and visualization platforms in
CVE-2023-36387 - How Improper Default REST API Permissions in Apache Superset Expose Sensitive Database Operations
---
Introduction
In June 2023, a significant security issue was disclosed in Apache Superset—an open-source data visualization and exploration platform. The vulnerability, identified as
CVE-2023-36388 - How Improper REST API Permission in Apache Superset (≤ 2.1.) Can Lead to SSRF for Authenticated Gamma Users
Apache Superset is a popular open-source data visualization platform, used by businesses and data teams everywhere. But even the best tools sometimes have dangerous flaws.