Lucene search
PRIOn knowledge basePRION:CVE-2024-28155HistoryMar 06, 2024 - 5:15 p.m.
Design/Logic Flaw
2024-03-0617:15:00
PRIOn knowledge base
www.prio-n.com
9
design flaw
logic flaw
jenkins appspider plugin
permission checks
http endpoints
information disclosure
Jenkins AppSpider Plugin 1.0.16 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to obtain information about available scan config names, engine group names, and client names.
Related
github
github
Jenkins AppSpider Plugin missing permission checks
2024-03-06 18:30:38
nvd
nvd
CVE-2024-28155
2024-03-06 17:15:10
cvelist
cvelist
CVE-2024-28155
2024-03-06 17:01:58
osv
osv
Jenkins AppSpider Plugin missing permission checks
2024-03-06 18:30:38
cve
cve
CVE-2024-28155
2024-03-06 17:15:10
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2024-03-06)
2024-03-07 00:00:00