CVEDB API - Fast Vulnerability Dashboard

Vulnerabilities

Vulnerable Software

Jenkins: >> Fortify >> 20.2.35 Security Vulnerabilities

CVE-2023-4301

A cross-site request forgery (CSRF) vulnerability in Jenkins Fortify Plugin 22.1.38 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

CVSS Score

4.2

EPSS Score

0.003

Published

2023-08-21

CVE-2023-4302

A missing permission check in Jenkins Fortify Plugin 22.1.38 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

CVSS Score

4.2

EPSS Score

0.002

Published

2023-08-21

CVE-2023-4303

Jenkins Fortify Plugin 22.1.38 and earlier does not escape the error message for a form validation method, resulting in an HTML injection vulnerability.

CVSS Score

4.3

EPSS Score

0.003

Published

2023-08-21

Page 1

Products

Pricing

Contact Us

support@shodan.io

Shodan ® - All rights reserved