CVE-2023-32997
Jenkins CAS Plugin Session Fixation vulnerability in maven/org.jenkins-ci.plugins/cas-plugin
Identifiers
CVE-2023-32997, GHSA-hjh8-9gxh-cx4x
Package Slug
maven/org.jenkins-ci.plugins/cas-plugin
Vulnerability
Jenkins CAS Plugin Session Fixation vulnerability
Description
Jenkins CAS Plugin 1.6.2 and earlier does not invalidate the previous session on login.
Affected Versions
All versions up to 1.6.2
Solution
Unfortunately, there is no solution available yet.
Last Modified
2023-05-17
| source |