CVE-2023-40348 - Inside Jenkins Gogs Plugin Info Disclosure Flaw (With Exploit Example)
CVE-2023-40348 is an information disclosure vulnerability found in the Jenkins Gogs Plugin, specifically versions 1..15 and earlier. This issue gives unauthenticated attackers the ability
CVE-2023-40339 - How Jenkins Config File Provider Plugin Leaks Plaintext Credentials in Build Logs
Date Discovered: August 16, 2023
Affected Plugin: Jenkins Config File Provider Plugin
Impacted Versions: 952.va_544a_6234b_46 and earlier
TL;DR
A serious
CVE-2023-40346 - Exploiting XSS in Jenkins Shortcut Job Plugin (.4 and earlier) - Simple Explained with Code Example
Jenkins is a popular automation server used for continuous integration and delivery (CI/CD). But sometimes, plugins can introduce security issues. Recently, a critical vulnerability
CVE-2023-40351 - How a CSRF in Jenkins Favorite View Plugin Lets Attackers Mess with Your Favorites
Jenkins is everywhere in the DevOps world, and plugins are like its building blocks. One of those plugins, Favorite View Plugin up to version 5.
CVE-2023-40343 - How Jenkins Tuleap Authentication Plugin Leaks Tokens via Timing Attacks
## Introduction
Jenkins is one of the world’s most famous automation servers. It relies heavily on plugins to deliver its powers, and authentication plugins are