CVE-2023-41932 - Exploiting the Jenkins Job Configuration History Plugin to Delete Arbitrary Directories
The software development world relies heavily on automation tools like Jenkins. Many teams use plugins to extend Jenkins’ features. But sometimes, a plugin exposes a
CVE-2023-40338 - Jenkins Folders Plugin File Path Disclosure Exploit Explained
If you’re using Jenkins for continuous integration (CI/CD), you likely depend on plugins to extend its core functionality. But plugins can sometimes introduce
CVE-2023-3398 - Denial of Service in drawio Before 18.1.3 – Everything You Need to Know
In June 2023, a vulnerability was discovered in the popular diagramming tool drawio (jgraph/drawio) that could crash the whole server. The bug, tracked as
CVE-2023-29525 - Critical XWiki Code Injection via “since” Parameter – Exploit Details and Secure Fixes
Published: June 2024
Introduction
CVE-2023-29525 is a serious security vulnerability affecting multiple versions of XWiki Platform, an extensible open-source wiki and application platform. Attackers can
CVE-2022-44726 - Exploiting XSS in TouchDown Timesheet Tracking Component 4.1.4 for Jira (Calendar View)
Cross-site Scripting (XSS) vulnerabilities enable attackers to inject malicious scripts into web applications. CVE-2022-44726 is one of these critical bugs, found in TouchDown Timesheet Tracking