CVE-2023-41946

Cross-Site Request Forgery (CSRF) in maven/io.jenkins.plugins/frugal-testing

Identifiers

GHSA-g6rx-2w84-xmgj, CVE-2023-41946

Package Slug

maven/io.jenkins.plugins/frugal-testing

Vulnerability

Cross-Site Request Forgery (CSRF)

Description

A cross-site request forgery (CSRF) vulnerability in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers to connect to Frugal Testing using attacker-specified credentials, and to retrieve test IDs and names from Frugal Testing, if a valid credential corresponds to the attacker-specified username.

Affected Versions

All versions up to 1.1

Solution

Unfortunately, there is no solution available yet.

Last Modified

2024-01-31

source