Jenkins ≫ Digital.Ai App Management Publisher

2 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.

6.5

CVE-2023-35148

EPSS 0.1%
Published 14.06.2023 13:15:12
Last modified 31.12.2024 18:15:24

A cross-site request forgery (CSRF) vulnerability in Jenkins Digital.ai App Management Publisher Plugin 2.6 and earlier allows attackers to connect to an attacker-specified URL, capturing credentials stored in Jenkins.

6.5

CVE-2023-35149

EPSS 0.05%
Published 14.06.2023 13:15:12
Last modified 30.12.2024 16:15:11

A missing permission check in Jenkins Digital.ai App Management Publisher Plugin 2.6 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL, capturing credentials stored in Jenkins.