N/A

A missing permission check in Jenkins Team Foundation Server Plugin 5.157.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

N/A

N/A

Jenkins Team Foundation Server 安全漏洞

Jenkins Team Foundation Server是Jenkins开源的一个应用软件。提供了通过与管道兼容的步骤可用的功能。 Jenkins Team Foundation Server Plugin 5.157.1 and earlier 存在安全漏洞，该漏洞源于权限检查缺失。

N/A

N/A