Show filters
6 Total Results
Displaying 1-6 of 6
Sort by:
Attacker Value
Unknown

CVE-2019-10411

Disclosure Date: September 25, 2019 (last updated October 26, 2023)
Jenkins Inedo BuildMaster Plugin 2.4.0 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2018-1999035

Disclosure Date: August 01, 2018 (last updated November 27, 2024)
A man in the middle vulnerability exists in Jenkins Inedo BuildMaster Plugin 1.3 and earlier in BuildMasterConfiguration.java, BuildMasterConfig.java, BuildMasterApi.java that allows attackers to impersonate any service that Jenkins connects to.
0
0
Attacker Value
Unknown

CVE-2017-16520

Disclosure Date: November 11, 2017 (last updated November 26, 2024)
Inedo BuildMaster before 5.8.2 does not properly restrict creation of RequireManageAllPrivileges event listeners.
0
0
Attacker Value
Unknown

CVE-2017-16761

Disclosure Date: November 10, 2017 (last updated November 26, 2024)
An Open Redirect vulnerability in Inedo BuildMaster before 5.8.2 allows remote attackers to redirect users to arbitrary web sites.
0
0
Attacker Value
Unknown

CVE-2017-16521

Disclosure Date: November 10, 2017 (last updated November 26, 2024)
In Inedo BuildMaster before 5.8.2, XslTransform was used where XslCompiledTransform should have been used.
0
0
Attacker Value
Unknown

CVE-2017-16760

Disclosure Date: November 10, 2017 (last updated November 26, 2024)
Inedo BuildMaster before 5.8.2 has XSS.
0
0