VDB

CISA-2023-40349

CISA-2023-40349 PUBLISHED

Reported by jenkins · Published August 16, 2023

Jenkins Gogs Plugin 1.0.15 and earlier improperly initializes an option to secure its webhook endpoint, allowing unauthenticated attackers to trigger builds of jobs.

Affected Products

VendorProductVersions
Jenkins ProjectJenkins Gogs Plugin0
Jenkins ProjectJenkins Gogs Plugin0, 0

Timeline

  • Aug 16, 2023 CVE Published
  • Oct 8, 2024 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›