cve/CVE-2019-10321.md at e67cd2fdb0a3b693c8a19c46acadbde4fe3ee9dd

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-12-16 20:27:21 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

A cross-site request forgery vulnerability in Jenkins Artifactory Plugin 3.2.2 and earlier in ArtifactoryBuilder.DescriptorImpl#doTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

POC

Reference

https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0787

Github

No PoCs found on GitHub currently.

888 B Raw Blame History

CVE-2019-10321

Description

POC

Reference

Github

888 B

Raw Blame History