CVE-2023-41940 - Exploiting Stored XSS in Jenkins TAP Plugin (Advisory, Exploit, and Mitigation Guide)
Jenkins is a widely used open-source automation server, critical for building and deploying many projects worldwide. However, plugins can sometimes introduce security holes if not
CVE-2023-41935 - Exploiting Timing Attacks in Jenkins Azure AD Plugin (396.v86ce29279947 and Earlier)
Jenkins is a widely used automation server for building, testing, and deploying software projects. With countless plugins for integration, security is always a top concern.
CVE-2023-41934 - How Jenkins Pipeline Maven Integration Plugin Leaked Usernames in Build Logs (with PoC)
If you rely on Jenkins and use the Pipeline Maven Integration Plugin, you may be exposing sensitive usernames in your build logs, even if you
CVE-2023-41931 - Exploiting Jenkins Job Configuration History Plugin XSS Vulnerability (Detailed Walkthrough)
Jenkins is one of the most widely used open-source automation servers for continuous integration and continuous delivery (CI/CD). Plugins expand Jenkins features but sometimes
CVE-2023-41930 - Exploiting the Jenkins Job Configuration History Plugin (1227.v7a_79fc4dc01f and Earlier)
In September 2023, Jenkins revealed an important security vulnerability affecting its Job Configuration History Plugin. Identified as CVE-2023-41930, this vulnerability opens the doors for attackers