Описание
Arbitrary code execution vulnerability in Jenkins Speaks! Plugin
Jenkins Speaks! Plugin, all current versions, allows users with Job/Configure permission to run arbitrary Groovy code inside the Jenkins JVM, effectively elevating privileges to Overall/Run Scripts.
Пакеты
Наименование
org.jvnet.hudson.plugins:speaks
maven
Затронутые версииВерсия исправления
<= 0.1.1
Отсутствует
Связанные уязвимости
CVSS3: 8.8
nvd
около 8 лет назад
Jenkins Speaks! Plugin, all current versions, allows users with Job/Configure permission to run arbitrary Groovy code inside the Jenkins JVM, effectively elevating privileges to Overall/Run Scripts.