Jenkins: >> Digital.ai App Management Publisher >> 1.2.7 Security Vulnerabilities
A cross-site request forgery (CSRF) vulnerability in Jenkins Digital.ai App Management Publisher Plugin 2.6 and earlier allows attackers to connect to an attacker-specified URL, capturing credentials stored in Jenkins.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-06-14
A missing permission check in Jenkins Digital.ai App Management Publisher Plugin 2.6 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL, capturing credentials stored in Jenkins.
CVSS Score
6.5
EPSS Score
0.0
Published
2023-06-14