cpe:2.3:a:jenkins:job_and_node_ownership:0.13.0:*:*:*:*:jenkins:*:*
A cross-site request forgery (CSRF) vulnerability in Jenkins Job and Node ownership Plugin 0.13.0 and earlier allows attackers to restore the default ownership of a job.
Max CVSS
4.3
EPSS Score
0.09%
Published
2022-03-29
Updated
2023-11-03
A missing permission check in Jenkins Job and Node ownership Plugin 0.13.0 and earlier allows attackers with Item/Read permission to change the owners and item-specific permissions of a job.
Max CVSS
4.3
EPSS Score
0.06%
Published
2022-03-29
Updated
2023-11-03
A cross-site request forgery (CSRF) vulnerability in Jenkins Job and Node ownership Plugin 0.13.0 and earlier allows attackers to change the owners and item-specific permissions of a job.
Max CVSS
8.8
EPSS Score
0.08%
Published
2022-03-29
Updated
2023-11-03
Jenkins Job and Node ownership Plugin 0.13.0 and earlier does not escape the names of the secondary owners, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
Max CVSS
5.4
EPSS Score
0.05%
Published
2022-03-29
Updated
2023-11-03
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!