CVE-2023-5036 - Exploiting CSRF in usememos/memos (Before .15.1)
If you use the open-source project memos, you should be aware of a critical security flaw tracked as CVE-2023-5036. In versions before
CVE-2023-2848 - How a Missing Header Let Attackers Hijack WebSockets in Movim (Pre-.22)
In the world of open-source social networking, security can sometimes be overlooked. That happened in Movim, a decentralized social platform built on XMPP. Before
CVE-2023-41935 - Exploiting Timing Attacks in Jenkins Azure AD Plugin (396.v86ce29279947 and Earlier)
Jenkins is a widely used automation server for building, testing, and deploying software projects. With countless plugins for integration, security is always a top concern.
CVE-2023-41931 - Exploiting Jenkins Job Configuration History Plugin XSS Vulnerability (Detailed Walkthrough)
Jenkins is one of the most widely used open-source automation servers for continuous integration and continuous delivery (CI/CD). Plugins expand Jenkins features but
CVE-2023-41944 - Unpacking the Jenkins AWS CodeCommit Trigger Plugin HTML Injection Vulnerability
Published: Summer 2024
Severity: Medium
Affected software: Jenkins AWS CodeCommit Trigger Plugin 3..12 and earlier
Jenkins is a popular automation server used for building,