Vulnerability & Exploit Database

Back to search

Jenkins Advisory 2016-02-24: CVE-2016-0792: Remote code execution through remote API

Severity CVSS Published Added Modified
9 (AV:N/AC:L/Au:S/C:C/I:C/A:C) April 06, 2016 November 12, 2017 January 07, 2018

Available Exploits 


Multiple unspecified API endpoints in Jenkins before 1.650 and LTS before 1.642.2 allow remote authenticated users to execute arbitrary code via serialized data in an XML file, related to XStream and groovy.util.Expando.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now