Description

Jenkins before 1.502 allows remote authenticated users to configure an otherwise restricted project via vectors related to post-build actions.

Remediation

References

CVE-2013-7330

Related Vulnerabilities

WordPress Plugin WP Learn Manager Security Bypass (1.1.4)

OpenSSL Improper Access Control Vulnerability (CVE-2016-7054)

Ruby on Rails Improper Authentication Vulnerability (CVE-2012-3424)

WordPress Plugin Hunk External Links Cross-Site Scripting (3.0.5)

WordPress Plugin Lazyest Backup 'xml_or_all' Parameter Cross-Site Scripting (0.2.1)

Severity

Medium

Classification

CVE-2013-7330 CWE-264

Tags

Missing Update Known Vulnerabilities