CVE-2023-24457

Cross-Site Request Forgery (CSRF) in maven/org.jenkins-ci.plugins/keycloak

Identifiers

GHSA-9wrr-4r9v-26xc, CVE-2023-24457

Package Slug

maven/org.jenkins-ci.plugins/keycloak

Vulnerability

Cross-Site Request Forgery (CSRF)

Description

A cross-site request forgery (CSRF) vulnerability in Jenkins Keycloak Authentication Plugin 2.3.0 and earlier allows attackers to trick users into logging in to the attacker's account.

Affected Versions

All versions up to 2.3.0

Solution

Unfortunately, there is no solution available yet.

Last Modified

2023-01-27

source