Mar 6, 2024 · Stored XSS vulnerability in iceScrum Plugin ... Description: iceScrum Plugin 1.1.6 and earlier does not sanitize iceScrum project URLs on build ...

Jul 12, 2023 · mabl Plugin 0.0.47 defines the appropriate context for credentials lookup. CSRF vulnerability and missing permission checks in mabl Plugin allow ...

Jun 14, 2023 · CSRF protection bypass vulnerability · SSL/TLS certificate validation disabled by default in Checkmarx Plugin · Missing permission checks in Team ...

Mar 8, 2023 · Search K. Jenkins Security Home ... Custom update site URLs (i.e., not https://updates.jenkins.io ... Additionally, the Jenkins security team has ...

May 16, 2023 · The Jenkins security team is not aware of any plugins that allow the exploitation of this vulnerability, as the build name must be set before ...

Jul 26, 2023 · As of the publication of this advisory, the Jenkins security team is not aware of other plugins with a similar issue. CSRF vulnerability in ...

Aug 16, 2023 · Blue Ocean Plugin 1.27.5.1 uses the configured SCM URL, instead of a user-specified URL provided as a parameter to the HTTP endpoint. CSRF ...

Dec 13, 2023 · Scriptler Plugin 342.v6a_89fd40f466 and earlier does not restrict a file name query parameter in an HTTP endpoint. This allows attackers with ...

Nov 29, 2023 · Jira Plugin 3.12 defines the appropriate context for credentials lookup. Incorrect permission checks in Google Compute Engine Plugin. SECURITY- ...

Search K. Jenkins Security Home. For Administrators ... These are some contributions by members of the Jenkins security team ... Resource Root URL: Support serving ...