Improper Authorization Vulnerability in Jenkins Mercurial Plugin Allows Unauthorized Access to Node and User Information
CVE-2018-1000112 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
An improper authorization vulnerability exists in Jenkins Mercurial Plugin version 2.2 and earlier in MercurialStatus.java that allows an attacker with network access to obtain a list of nodes and users.
Learn more about our Network Penetration Testing.