Hi Christian, You should create an issue in the Jenkins bug tracker under the "Security Issues" project.
This project has restricted access so only the select few will be able to see your report. See https://wiki.jenkins-ci.org/display/JENKINS/Security+Advisories for more info. /James On Thursday, 29 August 2013 11:36:04 UTC+1, Christian Catalano wrote: > > Hi everyone, > > I am executing a PT for my company... in my targets there is a server > with a Jenkins application. > > I think I have found a severe security vulnerability so I would like to > know the right procedure to: > > - advise the jenkins team > - send the documentation to explait the vulnerability and to prove it > - how I can obtain a CVE Identifier > > > Best regards > Christian > > -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
