CVE-2025-53652 – Jenkins Git Parameter Plugin Unauthorized Parameter Injection Vulnerability

July 10, 2025

CVE ID : CVE-2025-53652

Published : July 9, 2025, 4:15 p.m. | 11 hours, 45 minutes ago

Description : Jenkins Git Parameter Plugin 439.vb_0e46ca_14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters.

Severity: 8.2 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-52357 – FiberHome FD602GW-DX-R410 Router Ping Diagnostic XSS

Next Article CVE-2025-44177 – White Star Software Protop Directory Traversal Vulnerability

A Week In The Life Of An AI-Augmented Designer

This week in AI updates: Gemini Code Assist Agent Mode, GitHub’s Agents panel, and more (August 22, 2025)

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

Blackstone portfolio company R Systems Acquires Novigo Solutions, Strengthening its Product Engineering and Full-Stack Agentic-AI Capabilities

Google Pixel 10 Pro vs. iPhone 16 Pro: I’ve used both handsets, and there’s a clear winner

Master these 48 Windows keyboard shortcuts and finish work early

Why the Pixel 10 is making this longtime iPhone user reconsider their next phone

Google Pixel 10 Pro Fold vs. Samsung Galaxy Z Fold 7: I compared both Androids, and here’s the winner

PERFIXION 2025: Powering AI Ideas

PERFIXION 2025: Powering AI Ideas

MongoDB Data Types

Building Cross-Platform Alerts with Laravel’s Notification Framework

Gears of War returns, Helldivers 2 jumps ship, and Xbox players win big — Xbox’s Aug 25–31 lineup proves the console war is getting interesting again

Gears of War returns, Helldivers 2 jumps ship, and Xbox players win big — Xbox’s Aug 25–31 lineup proves the console war is getting interesting again

Reports say Windows 11 update is bricking drives — is yours on the list?

Razer finally remembered I don’t live in China, so now we can all get this cool Gengar gaming headset

CVE-2025-53652 – Jenkins Git Parameter Plugin Unauthorized Parameter Injection Vulnerability

Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot

CVE-2025-8208 – Spexo Addons for Elementor WordPress Stored Cross-Site Scripting

CVE-2025-45427 – Tenda AC9 Stack Overflow Vulnerability

New Xbox games launching this week, from April 7 through April 13: South of Midnight hits Xbox Game Pass

CVE-2025-4692 – ABUP Cloud Update Platform JWT Privilege Escalation Vulnerability

CVE-2025-37817 – Linux kernel Double Free in Chameleon Driver

Why I’m patiently waiting for the Samsung Z Fold 8 next year (even though the foldable is already great)

Citrix Bleed 2: ReliaQuest Warns of Active Exploitation in NetScaler Gateway Vulnerability

CVE-2025-9262 – “Wong2 mcp-cli OAuth Handler Remote OS Command Injection Vulnerability”

What is Click to Do, and how do I use it? Explaining AI actions for Windows 11

CVE-2025-53652 – Jenkins Git Parameter Plugin Unauthorized Parameter Injection Vulnerability

Related Posts