Attackers Can Trigger Builds with Item/Read Permission
CVE-2024-28159
Currently unrated
Key Information:
- Vendor
- Jenkins
- Vendor
- CVE Published:
- 6 March 2024
Summary
A missing permission check in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers with Item/Read permission to trigger a build.
Affected Version(s)
Jenkins Subversion Partial Release Manager Plugin 0 <= 1.0.1
References
Timeline
Vulnerability published
Vulnerability Reserved