Filtered by vendor Jenkins Subscriptions
Filtered by product Sounds Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-2098 1 Jenkins 1 Sounds 2024-11-21 8.8 High
A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0.5 and earlier allows attacker to execute arbitrary OS commands as the OS user account running Jenkins.
CVE-2020-2097 1 Jenkins 1 Sounds 2024-11-21 8.8 High
Jenkins Sounds Plugin 0.5 and earlier does not perform permission checks in URLs performing form validation, allowing attackers with Overall/Read access to execute arbitrary OS commands as the OS user account running Jenkins.