CVE-2015-7539

CVE-2015-7539 · HIGH Severity

AV:N/AC:H/AU:N/C:C/I:C/A:C

The Plugins Manager in Jenkins before 1.640 and LTS before 1.625.2 does not verify checksums for plugin files referenced in update site data, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted plugin.

Learn more about our Web Application Penetration Testing UK.