CVE-2023-3414 - How a CSRF Flaw in Jenkins ServiceNow DevOps Plug-in Could Leak Your Secrets (and How to Fix It)
In June 2023, a security vulnerability (CVE-2023-3414) landed in popular DevOps circles, with potential to expose sensitive data from Jenkins environments using the ServiceNow DevOps
CVE-2023-39153 - How a Simple CSRF Bug Exposed Jenkins Users via GitLab Auth Plugin
Jenkins is a widely used automation server in software development. Many teams depend on Jenkins for building, testing, and deploying code. For easy and secure
CVE-2023-39156 - How A CSRF Vulnerability in Jenkins Bazaar Plugin Let Attackers Delete SCM Tags
In June 2023, a cross-site request forgery (CSRF) vulnerability, tracked as CVE-2023-39156, was discovered in the Jenkins Bazaar Plugin. This bug, present in version 1.
CVE-2023-29347 - Windows Admin Center Spoofing Vulnerability Explained with Example Exploit
In May 2023, Microsoft disclosed a security flaw in Windows Admin Center – identified as CVE-2023-29347. This vulnerability could let an attacker spoof authentication in Windows
CVE-2022-41766 - Username Disclosure via Rollback in MediaWiki (Explained with Example and Exploit Details)
CVE-2022-41766 is a privacy vulnerability found in MediaWiki, the popular open-source wiki platform that powers sites like Wikipedia and many others. This security issue is