CVE-2023-2848 - How a Missing Header Let Attackers Hijack WebSockets in Movim (Pre-.22)
In the world of open-source social networking, security can sometimes be overlooked. That happened in Movim, a decentralized social platform built on XMPP. Before version
CVE-2023-41935 - Exploiting Timing Attacks in Jenkins Azure AD Plugin (396.v86ce29279947 and Earlier)
Jenkins is a widely used automation server for building, testing, and deploying software projects. With countless plugins for integration, security is always a top concern.
CVE-2023-41931 - Exploiting Jenkins Job Configuration History Plugin XSS Vulnerability (Detailed Walkthrough)
Jenkins is one of the most widely used open-source automation servers for continuous integration and continuous delivery (CI/CD). Plugins expand Jenkins features but sometimes
CVE-2023-41944 - Unpacking the Jenkins AWS CodeCommit Trigger Plugin HTML Injection Vulnerability
Published: Summer 2024
Severity: Medium
Affected software: Jenkins AWS CodeCommit Trigger Plugin 3..12 and earlier
Jenkins is a popular automation server used for building,
CVE-2023-41946 - How a CSRF in Jenkins Frugal Testing Plugin Lets Attackers Steal Test Data
A serious vulnerability, CVE-2023-41946, was discovered in the Jenkins Frugal Testing Plugin (versions 1.1 and below). This plugin, meant to help developers run automated