Jenkins GitHub Pull Request Builder Plugin Local File Access Vulnerability

Jenkins GitHub Pull Request Builder Plugin Local File Access Vulnerability

CVE-2018-1000143 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

An exposure of sensitive information vulnerability exists in Jenkins GitHub Pull Request Builder Plugin version 1.39.0 and older in GhprbCause.java that allows an attacker with local file system access to obtain GitHub credentials.

Learn more about our Web Application Penetration Testing UK.