CVE-2023-32997, GHSA-hjh8-9gxh-cx4x
maven/org.jenkins-ci.plugins/cas-plugin
Jenkins CAS Plugin Session Fixation vulnerability
Jenkins CAS Plugin 1.6.2 and earlier does not invalidate the previous session on login.
All versions up to 1.6.2
Unfortunately, there is no solution available yet.
2023-05-17
source |