Missing permission checks in Jenkins MATLAB Plugin 2.11.0 and earlier allow attackers to have Jenkins parse an XML file from the Jenkins controller file system.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: jenkins

Published: 2023-11-29T13:45:10.938Z

Updated: 2024-08-02T22:01:25.660Z

Reserved: 2023-11-28T21:18:14.327Z

Link: CVE-2023-49654

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-11-29T14:15:07.570

Modified: 2024-11-21T08:33:40.030

Link: CVE-2023-49654

cve-icon Redhat

No data.