Ok I am doing it... is this the right procedure to obtain a CVE too? Can you help me? Christian
On Thu, Aug 29, 2013 at 12:47 PM, teilo <[email protected]> wrote: > Hi Christian, > > You should create an issue in the Jenkins bug tracker under the "Security > Issues" project. > > This project has restricted access so only the select few will be able to > see your report. > > See https://wiki.jenkins-ci.org/display/JENKINS/Security+Advisories for > more info. > > /James > > > On Thursday, 29 August 2013 11:36:04 UTC+1, Christian Catalano wrote: >> >> Hi everyone, >> >> I am executing a PT for my company... in my targets there is a server >> with a Jenkins application. >> >> I think I have found a severe security vulnerability so I would like to >> know the right procedure to: >> >> - advise the jenkins team >> - send the documentation to explait the vulnerability and to prove it >> - how I can obtain a CVE Identifier >> >> >> Best regards >> Christian >> >> -- > You received this message because you are subscribed to the Google Groups > "Jenkins Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/groups/opt_out. > -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
