Jenkins Unauthenticated RCE on https://djangoci.com/
Critical
Django
Team Summary
Official summary from Django
This report discloses an RCE issue on djangoci.com as outlined in https://www.djangoproject.com/weblog/2019/may/15/rce-djangoci/. While technically a valid issue, it is out of scope for bounty; please see https://hackerone.com/django for details on which issues qualify for bounties.
Reported by
j3ssie
Report Details
Additional information and metadata
State
Closed
Substate
Informative
Submitted
Weakness
OS Command Injection