[Bug 1819190] CVE-2020-2160 jenkins: CSRF protection bypass via crafted URLs

Author:



A vulnerability was found in Jenkins 2.227 and earlier, LTS 2.204.5 and earlier uses different representations of request URL paths, which allows attackers to craft URLs that allow bypassing CSRF protection of any target URL.



Source link

Write a comment:
*

Your email address will not be published.

RELATED STORIES
vamtam-theme-circle-post
Category Product Vulnerabilities

Third Generation Gangs Strategic Note No. 27: COVID-19 and Transnational Italian Mafias | #cyberfraud | #criminal | #cybersecurity | #informationsecurity | National Cyber Security

June 5, 2020
Third Generation Gangs Strategic Note No. 27: COVID-19 and Transnational Italian Mafias | #cyberfraud | #criminal...
Read More
Category Product Vulnerabilities

LG曝安全漏洞,影响过去7年的LG安卓智能手机

June 5, 2020
近日,韩国手机厂商LG公司发布了影响过去7年LG安卓智能手机的漏洞补丁,该漏洞CVE编号为CVE-2020-12753,影响LG智能手机的bootloader 组件。 与安卓操作系统不同,bootloader是与每个智能手机厂商的固件相对应的。是用户启动设备后运行的第一部分代码,确保智能手机固件和安卓操作系统以正确和安全的方式启动。 高通安卓启动过程如下: 而在实践中,设备的启动过程并没有那么简单,因为厂商一般都会对启动过程做一些修改。LG设备的启动过程中,对其他登陆和调试就行了修改、对SIM解锁假日了额外的TEE验证,在aboot中加入了厂商特定的快速启动命令等。 漏洞分析. Source link
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

CVE-2020-13848 – Alert Detail – Security Database

June 5, 2020
Executive Summary Informations Name CVE-2020-13848 First vendor Publication 2020-06-04 Vendor Cve Last vendor Modification 2020-06-04...
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

CVE-2020-12851 – Alert Detail – Security Database

June 5, 2020
Executive Summary Informations Name CVE-2020-12851 First vendor Publication 2020-06-04 Vendor Cve Last vendor Modification 2020-06-04...
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

CVE-2020-11682 – Alert Detail – Security Database

June 5, 2020
Executive Summary Informations Name CVE-2020-11682 First vendor Publication 2020-06-04 Vendor Cve Last vendor Modification 2020-06-04...
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

Barcode Reader Apps on Google Play Found Using New Ad Fraud Technique

June 5, 2020
By Jessie Huang (Mobile Threats Analyst) We recently saw two barcode reader apps in Google...
Read More
Category Product Vulnerabilities

Microsoft Security Advisory 3108638 | Microsoft Docs

June 5, 2020
10/11/2017 5 minutes to read ...
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

CVE-2020-10702 – Alert Detail – Security Database

June 5, 2020
Executive Summary Informations Name CVE-2020-10702 First vendor Publication 2020-06-04 Vendor Cve Last vendor Modification 2020-06-04...
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

CVE-2020-11679 – Alert Detail – Security Database

June 5, 2020
Executive Summary Informations Name CVE-2020-11679 First vendor Publication 2020-06-04 Vendor Cve Last vendor Modification 2020-06-04...
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

CVE-2020-7661 – Alert Detail – Security Database

June 5, 2020
Executive Summary Informations Name CVE-2020-7661 First vendor Publication 2020-06-04 Vendor Cve Last vendor Modification 2020-06-04...
Read More
digitpol
scale
element-support
Call Center
+31 55 8448040
element-map
Location

Global

International Cyber Crime Investigation

Digitpol is licensed by the Ministry of Justice: Licence Number POB1557

©Digitpol. All images and content are copyright of Digitpol and can not be used, replicated or reproduced without written permission. 2019.

Privacy  /   Terms and Policy   /   Site map  /   Contact