Back to overview

CVE-2026-57291

Description
Missing permission checks in Jenkins Gitee Plugin 1288.v18b_deb_c9069b_ and earlier allow attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method.

Metadata

CVE ID
CVE-2026-57291
State
PUBLISHED
Assigner
jenkins
Reserved
2026-06-24 08:41 UTC
Published
2026-06-24 13:20 UTC
Last updated
2026-06-24 13:20 UTC
Vendor / Product
Jenkins Project / Jenkins Gitee Plugin
Sources
cve.org  ·  NVD

Severity & Metrics

No CVSS data available.

Affected products (1)
VendorProductPlatformVersions
Jenkins Project Jenkins Gitee Plugin 0 ≤ 1288.v18b_deb_c9069b_
References (1)
Back to overview