oss-sec mailing list archives
CSRF to RCE in Jenkins
From: Nicolas Grégoire <nicolas.gregoire () agarri fr>
Date: Tue, 01 Sep 2015 14:51:18 +0200
Hello, a CSRF to RCE exploit was published on Bugtraq last week. It affects Jenkins >= 1.626, including the latest public version. No CVE is affected (AFAIK) and an exploit should be added to the BeEF Project soon. Original post to Bugtraq: http://seclists.org/bugtraq/2015/Aug/161 BeEf devs working on an exploit for 1.627: https://twitter.com/bmantra/status/638680685084037120 Cheers, Nicolas
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- CSRF to RCE in Jenkins Nicolas Grégoire (Sep 01)