CVE-2023-32980

Cross-Site Request Forgery (CSRF) in maven/org.jenkins-ci.plugins/email-ext

Identifiers

GHSA-2f89-66v2-9p53, CVE-2023-32980

Package Slug

maven/org.jenkins-ci.plugins/email-ext

Vulnerability

Cross-Site Request Forgery (CSRF)

Description

A cross-site request forgery (CSRF) vulnerability in Jenkins Email Extension Plugin allows attackers to make another user stop watching an attacker-specified job.

Affected Versions

All versions before 2.96.1

Solution

Upgrade to version 2.96.1 or above.

Last Modified

2023-05-17

source