<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Script Console :: 标签 :: x7peeps</title><link>https://x7peeps.com/tags/Script-Console/index.html</link><description/><generator>Hugo</generator><language>zh-CN</language><lastBuildDate>Thu, 03 Jul 2025 00:00:00 +0800</lastBuildDate><atom:link href="https://x7peeps.com/tags/Script-Console/index.xml" rel="self" type="application/rss+xml"/><item><title>Jenkins CI/CD 任意文件读取 Groovy RCE 供应链投毒 CVE漏洞链利用技术</title><link>https://x7peeps.com/%E5%AE%89%E5%85%A8/%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95/04-%E6%B8%97%E9%80%8F%E6%94%BB%E5%87%BB/Jenkins_CICD_%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96_Groovy_RCE_%E4%BE%9B%E5%BA%94%E9%93%BE%E6%8A%95%E6%AF%92_CVE%E6%BC%8F%E6%B4%9E%E9%93%BE%E5%88%A9%E7%94%A8%E6%8A%80%E6%9C%AF/index.html</link><pubDate>Thu, 03 Jul 2025 00:00:00 +0800</pubDate><guid>https://x7peeps.com/%E5%AE%89%E5%85%A8/%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95/04-%E6%B8%97%E9%80%8F%E6%94%BB%E5%87%BB/Jenkins_CICD_%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96_Groovy_RCE_%E4%BE%9B%E5%BA%94%E9%93%BE%E6%8A%95%E6%AF%92_CVE%E6%BC%8F%E6%B4%9E%E9%93%BE%E5%88%A9%E7%94%A8%E6%8A%80%E6%9C%AF/index.html</guid><description>深入分析 Jenkins CI/CD 的任意文件读取（CVE-2024-23897）、Agent 协议信任（CVE-2024-43044）、Groovy Script Console RCE、Pipeline 供应链投毒、凭据窃取、插件漏洞等完整攻击面，覆盖 2017-2025 年高危 CVE 漏洞链及蓝队检测与应急响应</description></item></channel></rss>