jenkins-login: Jenkins Login Detected

漏洞描述

PoC代码[已公开]

id: jenkins-login

info:
  name: Jenkins Login Detected
  author: pdteam
  severity: info
  verified: true
  description: Jenkins is an open source automation server.
  reference:
    - https://www.jenkins.io/doc/book/security/

rules:
    r0:
        request:
            method: GET
            path: /login
        expression: |
          response.status == 200 && 
          (response.body.ibcontains(b'Sign in [Jenkins]') ||
          response.body.ibcontains(b'<title>登录 [Jenkins]</title>'))
expression: r0()

相关漏洞推荐

• CVE-2018-1000861: Jenkins 2.138 Remote Command Execution POC

  2025-09-01 | Jenkins
  A code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and earlier...

• jenkins-default-pwd: Jenkins Default Password POC

  2025-09-01 | Jenkins
  app="Jenkins"

• jenkins-api-panel: Jenkins API Instance Detection Template POC

  2025-09-01 | jenkins-api-panel
  Try to detect the presence of a Jenkins API instance via the API default XML endpoint

• CVE-2022-36883: Git Plugin up to 4.11.3 on Jenkins Build Authorization POC

  2025-09-01 | Git Plugin
  A missing permission check in Jenkins Git Plugin 4.11.3 and earlier allows unauthenticated attackers...

• SourceCodester Pet Grooming Management Software SQL注入漏洞 无POC

  2025-09-22 00:22:31 | SourceCodester Pet Grooming Management Software
  SourceCodester Pet Grooming Management Software是SourceCodester开源的一个宠物美容管理系统。 SourceCodester Pet Groo...