CVE-2023-41931 - Exploiting Jenkins Job Configuration History Plugin XSS Vulnerability (Detailed Walkthrough)
Jenkins is one of the most widely used open-source automation servers for continuous integration and continuous delivery (CI/CD). Plugins expand Jenkins features but sometimes
CVE-2023-41944 - Unpacking the Jenkins AWS CodeCommit Trigger Plugin HTML Injection Vulnerability
Published: Summer 2024
Severity: Medium
Affected software: Jenkins AWS CodeCommit Trigger Plugin 3..12 and earlier
Jenkins is a popular automation server used for building,
CVE-2023-41946 - How a CSRF in Jenkins Frugal Testing Plugin Lets Attackers Steal Test Data
A serious vulnerability, CVE-2023-41946, was discovered in the Jenkins Frugal Testing Plugin (versions 1.1 and below). This plugin, meant to help developers run automated
CVE-2023-41942 - How a CSRF Flaw in Jenkins AWS CodeCommit Trigger Plugin Lets Attackers Clear SQS Queues
Jenkins is widely used for automation, and the AWS CodeCommit Trigger Plugin adds the ability to hook up AWS CodeCommit events with Jenkins jobs. But,
CVE-2023-41938 - How a CSRF Vulnerability Could Let Attackers Delete Your Disabled Jenkins Ivy Modules
If you are using Jenkins to automate builds and deployments, you may have heard about its huge plugin ecosystem. One of the popular plugins is