daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enhancement: cves/2018/CVE-2018-1000861.yaml by mp

patch-1
MostInterestingBotInTheWorld 2022-05-12 15:41:48 -04:00
parent dcbe8fac70
commit ad6637e1d7
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cves/2018/CVE-2018-1000861.yaml
View File

@ -1,7 +1,7 @@
id: CVE-2018-1000861
info:
name: Jenkins <=2.153 - Remote Command Injection
name: Jenkins - Remote Command Injection
author: dhiyaneshDK,pikpikcu
severity: critical
description: Jenkins 2.153 and earlier and LTS 2.138.3 and earlier are susceptible to a remote command injection via stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java that allows attackers to invoke some methods on Java objects by accessing crafted URLs that were not intended to be invoked this way.