Количество 2
Количество 2
CVE-2023-32992
Missing permission checks in Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML, or parse a local file on the Jenkins controller as XML.
GHSA-3xf9-pgc2-mr9c
Jenkins SAML Single Sign On(SSO) Plugin missing permission checks
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-32992 Missing permission checks in Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML, or parse a local file on the Jenkins controller as XML. | CVSS3: 8.8 | 1% Низкий | больше 2 лет назад |
| GHSA-3xf9-pgc2-mr9c Jenkins SAML Single Sign On(SSO) Plugin missing permission checks | CVSS3: 7.1 | 1% Низкий | больше 2 лет назад |
Уязвимостей на страницу