CVE-2023-24438 - Capturing Jenkins Credentials via Misconfigured JIRA Pipeline Steps Plugin
In early 2023, Jenkins users and administrators were warned about a serious vulnerability tracked as CVE-2023-24438. This security flaw affects the popular "JIRA Pipeline
CVE-2022-3572 - Cross-Site Scripting (XSS) in GitLab Jira Connect Integration — How It Was Exploited and Why It Matters
In June 2022, a serious security issue—CVE-2022-3572—was discovered in GitLab Community and Enterprise editions (CE/EE). This vulnerability impacts all versions from 13.
CVE-2022-27949 - Unmasking Secrets in Apache Airflow – A Hands-On Deep Dive
CVE-2022-27949 is a security flaw found in Apache Airflow's web interface, which lets attackers read unmasked (i.e., real, plain-text) secrets in rendered
CVE-2022-2761 - How an Information Disclosure Bug in GitLab Leaked Restricted Resource Names via Jira Issues
In mid-2022, a vulnerability was uncovered in GitLab Community Edition (CE) and Enterprise Edition (EE), identified as CVE-2022-2761. This bug let attackers discover the names
CVE-2022-39960 The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks
An attacker with control over a victim’s Jira instance could use this flaw to export all groups from the Jira instance to a remote