CVE-2019-10290
CVE-2019-10290
A missing permission check in Jenkins Netsparker Cloud Scan Plugin 1.1.5 and older in the NCScanBuilder.DescriptorImpl#doValidateAPI form validation method allowed attackers with Overall/Read permission to initiate a connection to an attacker-specified server.
Produtos afetados
Jenkins project · Jenkins Netsparker Cloud Scan PluginQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →