Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Very High

CVE-2016-0792

Disclosure Date: April 07, 2016 (last updated October 05, 2023)
Multiple unspecified API endpoints in Jenkins before 1.650 and LTS before 1.642.2 allow remote authenticated users to execute arbitrary code via serialized data in an XML file, related to XStream and groovy.util.Expando.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
1
1