Launch Week Day 1: Announcing Security Design Review
Start for Free
HIGH 8.8 Maven

Incorrect Authorization in Jenkins Script Security Plugin

GHSA-62pm-mgrh-7p69 · CVE-2019-16538

Published · Modified

Description

A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.67 and earlier related to the handling of default parameter expressions in closures allowed attackers to execute arbitrary code in sandboxed scripts.

References

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes