Download
| Alert*
oval:org.secpod.oval:def:63047
The host is installed with Jenkins LTS through 2.204.5 or Jenkins rolling release through 2.227 and is prone to a cross-site-request-forgery vulnerability. A flaw is present in the application, which fails to properly handle crafted URLs. Successful exploitation could allow attackers to bypass CSRF ... oval:org.secpod.oval:def:63046 The host is installed with Jenkins LTS through 2.204.5 or Jenkins rolling release through 2.227 and is prone to a cross-site-request-forgery vulnerability. A flaw is present in the application, which fails to properly handle crafted URLs. Successful exploitation could allow attackers to bypass CSRF ... oval:org.secpod.oval:def:1802007 Jenkins 2.227 and earlier, LTS 2.204.5 and earlier uses different representations of request URL paths, which allows attackers to craft URLs that allow bypassing CSRF protection of any target URL. oval:org.secpod.oval:def:63054 The host is installed with Jenkins LTS through 2.204.5 or Jenkins rolling release through 2.227 and is prone to a cross-site-request-forgery vulnerability. A flaw is present in the application, which fails to properly handle crafted URLs. Successful exploitation could allow attackers to bypass CSRF ... oval:org.secpod.oval:def:62817 The host is installed with Jenkins LTS through 2.204.5 or Jenkins rolling release through 2.227 and is prone to a cross-site-request-forgery vulnerability. A flaw is present in the application, which fails to properly handle crafted URLs. Successful exploitation could allow attackers to bypass CSRF ... |