Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5324)

Description

Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to queue/api.

Remediation

References

Related Vulnerabilities

WordPress Plugin Advertizer 'id' Parameter SQL Injection (1.0)

e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-4947)

Magento Improper Input Validation Vulnerability (CVE-2021-28585)

WordPress Plugin Mapwiz SQL Injection (1.0.1)

Oracle Application Server CVE-2006-3711 Vulnerability (CVE-2006-3711)

Severity

Medium

Classification

CVE-2015-5324 CWE-264

Tags

Missing Update Known Vulnerabilities