Jenkins AppSpider Plugin 1.0.16 and... CVE-2024-28155

- AV AC AU C I A
发布: 2024-03-06
修订: 2025-01-19

Jenkins AppSpider Plugin 1.0.16 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to obtain information about available scan config names, engine group names, and client names.

0%
暂无可用Exp或PoC
当前有1条受影响产品信息