CVE-2023-40336 - How a Simple CSRF Bug in Jenkins Folders Plugin Lets Attackers Copy Your Folders
On August 23, 2023, a new vulnerability was disclosed affecting Jenkins, the popular open-source automation server. Registered as CVE-2023-40336, this security flaw exists in the
CVE-2023-40341 - Exploiting CSRF in Jenkins Blue Ocean Plugin to Steal GitHub Credentials
In late 2023, a serious security flaw was found in the popular Blue Ocean plugin for Jenkins. Labeled CVE-2023-40341, this vulnerability allows external attackers to
CVE-2023-40351 - How a CSRF in Jenkins Favorite View Plugin Lets Attackers Mess with Your Favorites
Jenkins is everywhere in the DevOps world, and plugins are like its building blocks. One of those plugins, Favorite View Plugin up to version 5.
CVE-2023-40337 - Exploiting CSRF in Jenkins Folders Plugin to Copy Views Inside Folders
Jenkins is one of the world's most popular automation servers. It's used everywhere from tiny hobby projects to the biggest companies.
CVE-2023-0551 - How a Simple Authorization Flaw in WordPress REST API TO MiniProgram Plugin Lets Any Subscriber Delete Attachments
In early 2023, a security vulnerability was discovered in the popular WordPress plugin REST API TO MiniProgram (version <= 4.6.1). This vulnerability, tracked